Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hercules-3.13/opcode.c
Parsing failed to find end of parameter list; semicolon terminated it in (operands,sizeof(operands)-1, #define DISASM_LOGMSG \ operands[sizeof(operands)-1]=0; \ return sprintf(p, "%-5s %-19s %s",mnemonic,operands,name) // instructions using alternate mnemonic

FINAL RESULTS:

data/hercules-3.13/awstape.c:53:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dev->filename, TAPE_UNLOADED);
data/hercules-3.13/awstape.c:148:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dev->filename, TAPE_UNLOADED);
data/hercules-3.13/bldcfg.c:301:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access( tamdir, R_OK | W_OK ) != 0)
data/hercules-3.13/bldcfg.c:496:40: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  stmtlen += sprintf (&buf[stmtlen], "%s", inc_envvar);
data/hercules-3.13/bldcfg.c:586:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,buf1);
data/hercules-3.13/cardpch.c:59:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (dev->filename, argv[0]);
data/hercules-3.13/cardrdr.c:182:13: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(argv[i], R_OK | F_OK) != 0)
data/hercules-3.13/cardrdr.c:264:22: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  else if (access(argv[0], R_OK | F_OK) != 0)
data/hercules-3.13/cardrdr.c:274:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (dev->filename, argv[0]);
data/hercules-3.13/cardrdr.c:383:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dev->filename, *(dev->current_file++));
data/hercules-3.13/cckddasd.c:5361:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, op);
data/hercules-3.13/cckddasd.c:5677:16: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  rc=vsnprintf(bfr,sz,msg,vl);
data/hercules-3.13/cckddasd.c:5703:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tbuf, ctime(&t));
data/hercules-3.13/cckddasd.c:5717:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  l = sprintf ((char *)p, "%s" "." "%6.6ld %4.4X:",
data/hercules-3.13/cckddasd.c:5719:13: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf ((char *)p + l, msg, vl);
data/hercules-3.13/cckdutil.c:1379:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  j = sprintf(space1, "%s", spaces[spctab[i].typ]);
data/hercules-3.13/cckdutil.c:1382:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  j = sprintf(space2, "%s", spaces[spctab[i+1].typ]);
data/hercules-3.13/cckdutil.c:2705:14: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  i += sprintf (msg+i, "%s: ", p);
data/hercules-3.13/cckdutil.c:2709:5: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (msg+i, format, vl);
data/hercules-3.13/ckddasd.c:233:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (dev->filename, pathname);
data/hercules-3.13/comm3705.c:1088:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msgtext, "%s:%d VTAM CONNECTION ACCEPTED - NETWORK NODE= %4.4X", ipaddr, (int)ntohs(client.sin_port), na);
data/hercules-3.13/comm3705.c:1090:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msgtext, "%s:%d VTAM CONNECTION TERMINATED", ipaddr, (int)ntohs(client.sin_port));
data/hercules-3.13/comm3705.c:1480:25: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dev->commadpt->locncpnm,res.text);
data/hercules-3.13/comm3705.c:1486:25: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dev->commadpt->rmtncpnm,res.text);
data/hercules-3.13/comm3705.c:1649:11: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmtbuf3, fmtbuf4);
data/hercules-3.13/comm3705.c:1652:11: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmtbuf3, fmtbuf4);
data/hercules-3.13/comm3705.c:1682:6: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf6, "%s[%02x]", "SETCV", requestp[18]);
data/hercules-3.13/comm3705.c:1707:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf5, "%4.4X: %s: %s %s %-6.6s %s\n", devnum, tag, fmtbuf, fmtbuf2, fmtbuf3, ru_type);
data/hercules-3.13/commadpt.c:849:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msgtext, "%s:%d TERMINAL CONNECTED CUA=%4.4X TERM=%s", ipaddr, (int)ntohs(client.sin_port), devnum, (term == COMMADPT_TERM_TTY) ? "TTY" : "2741");
data/hercules-3.13/config.c:923:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(wrk,spec);
data/hercules-3.13/config.c:970:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*rest,r);
data/hercules-3.13/config.c:1306:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data[sysblk.logolines],rec);
data/hercules-3.13/console.c:1390:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cline,logodata[i]);
data/hercules-3.13/conspawn.c:98:17: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(p,argv[i]);
data/hercules-3.13/conspawn.c:107:25: [4] (shell) ShellExecute:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  rc = (intptr_t) ShellExecute( hwnd, lpOperation, lpFile, lpParameters, lpDirectory, nShowCmd );
data/hercules-3.13/conspawn.c:134:17: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(PGMNAME": ShellExecute(\"%s\", \"%s\",...) failed: Unknown error; rc=%d (0x%08.8X).\n",
data/hercules-3.13/conspawn.c:139:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf( PGMNAME": ShellExecute(\"%s\", \"%s\",...) failed: %s.\n",
data/hercules-3.13/conspawn.c:159:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf( PGMNAME": Usage: command [args]\n");
data/hercules-3.13/conspawn.c:177:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(p,argv[i]);
data/hercules-3.13/conspawn.c:186:10: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  rc = system(p);
data/hercules-3.13/control.c:5594:20: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  log_sigp = snprintf ( log_buf, sizeof(log_buf),
data/hercules-3.13/crypto/dyncrypt.c:772:94: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define P(a) { int _i; printf(" { "); for(_i = 0; _i < 16; _i++) { printf("0x%02x", a[_i]); printf((_i < 15 ? ", " : " ")); } printf("},\n"); }
data/hercules-3.13/ctc_ctci.c:1131:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szTUNCharName, tt32_get_default_iface() );
data/hercules-3.13/ctc_ctci.c:1133:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szTUNCharName, HERCTUN_DEV );
data/hercules-3.13/ctc_ctci.c:1247:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szTUNCharName, optarg );
data/hercules-3.13/ctc_ctci.c:1290:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szMTU, optarg );
data/hercules-3.13/ctc_ctci.c:1301:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szNetMask, optarg );
data/hercules-3.13/ctc_ctci.c:1312:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szMACAddress, optarg );
data/hercules-3.13/ctc_ctci.c:1357:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szGuestIPAddr, *argv );
data/hercules-3.13/ctc_ctci.c:1369:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szDriveIPAddr, *argv );
data/hercules-3.13/ctc_ctci.c:1394:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szTUNCharName, *argv );
data/hercules-3.13/ctc_ctci.c:1408:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szMTU, *argv );
data/hercules-3.13/ctc_ctci.c:1419:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szGuestIPAddr, *argv );
data/hercules-3.13/ctc_ctci.c:1431:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szDriveIPAddr, *argv );
data/hercules-3.13/ctc_ctci.c:1443:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szNetMask, *argv );
data/hercules-3.13/ctc_ctci.c:1472:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szGuestIPAddr, *argv );
data/hercules-3.13/ctc_ctci.c:1488:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szTUNCharName, *argv );
data/hercules-3.13/ctc_ctci.c:1501:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pCTCBLK->szDriveIPAddr,
data/hercules-3.13/ctc_lcs.c:283:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pLCSDev->pDEVBLK[0]->filename, pLCSBLK->pszTUNDevice );
data/hercules-3.13/ctc_lcs.c:307:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pLCSDev->pDEVBLK[1]->filename, pLCSBLK->pszTUNDevice );
data/hercules-3.13/ctc_lcs.c:1519:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( ifr.ifr_name, pLCSPORT->szNetDevName );
data/hercules-3.13/ctc_lcs.c:2171:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pLCSBLK->Port[0].szMACAddress, optarg );
data/hercules-3.13/ctc_lcs.c:2340:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pLCSPORT->szMACAddress, argv[0] );
data/hercules-3.13/ctcadpt.c:1012:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( address, inet_ntoa( ipaddr ) );
data/hercules-3.13/ctcadpt.c:1162:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( dev->filename, "%s:%s", remaddr, remotep );
data/hercules-3.13/ctcadpt.c:1459:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( str, "%s:%d",
data/hercules-3.13/ctcadpt.c:1542:9: [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execv (argv[0], (EXECV_ARG2_ARGV_T)argv);
data/hercules-3.13/ctcadpt.c:1958:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( address, inet_ntoa( pDEVBLK->ctce_ipaddr ) );
data/hercules-3.13/ctcadpt.c:2277:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( address, inet_ntoa( dev->ctce_ipaddr ) );
data/hercules-3.13/ctcadpt.c:2406:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( dev->filename, ".:....=%s:%d", remaddr, dev->ctce_rport );
data/hercules-3.13/ctcadpt.c:2477:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( str, "%s:%d",
data/hercules-3.13/dasdconv.c:763:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sfname, ofname);
data/hercules-3.13/dasdconv.c:780:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (sfname, ofname + i);
data/hercules-3.13/dasdconv.c:862:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ifname, argv[1]);
data/hercules-3.13/dasdconv.c:868:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ofname, argv[2]);
data/hercules-3.13/dasdinit.c:194:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (fname, argv[1]);
data/hercules-3.13/dasdinit.c:241:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (volser, argv[3]);
data/hercules-3.13/dasdload.c:35:25: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define XMERR printf
data/hercules-3.13/dasdload.c:36:25: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define XMERRF printf
data/hercules-3.13/dasdload.c:132:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stderr,
data/hercules-3.13/dasdload.c:167:9: [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf (msg, vl);
data/hercules-3.13/dasdls.c:97:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(fmt, y, mths[m], d);
data/hercules-3.13/dasdls.c:103:28: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  : printf(runflgs & rf_caldate ? " ---------"
data/hercules-3.13/dasdls.c:207:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(runflgs & rf_refdate ? (runflgs & rf_caldate ? " Last Ref." : " REFDT") : "");
data/hercules-3.13/dasdls.c:208:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(runflgs & rf_expdate ? (runflgs & rf_caldate ? " Exp. Date" : " EXPDT") : "");
data/hercules-3.13/dasdls.c:291:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(txtrecfm, tmpstr);
data/hercules-3.13/dasdls.c:303:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(txtrecfm, tmpstr);
data/hercules-3.13/dasdseq.c:127:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(txtcredt, txtscr);
data/hercules-3.13/dasdseq.c:134:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(txtexpdt, txtscr);
data/hercules-3.13/dasdseq.c:247:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(zdsn, argdsn);
data/hercules-3.13/dasdseq.c:448:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, (expert) ?
data/hercules-3.13/dasdutil.c:152:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( prev_hex, hex_chars );
data/hercules-3.13/dasdutil.c:542:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sfxname, fname);
data/hercules-3.13/dasdutil.c:571:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (sfxname, fname + i);
data/hercules-3.13/dasdutil.c:592:26: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else if (fd < 0) strcpy (sfxname, fname);
data/hercules-3.13/dasdutil.c:1762:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sfname, fname);
data/hercules-3.13/dasdutil.c:1785:17: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (sfname, fname + i);
data/hercules-3.13/decNumber/decNumber.c:6393:11: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  else printf(spec, ar[i]);
data/hercules-3.13/diagnose.c:84:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(entry,prefix[regs->arch_mode]);
data/hercules-3.13/diagnose.c:85:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(entry,name);
data/hercules-3.13/diagnose.c:109:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(iplcmd, "%s %03X", ipltype, sysblk.ipldev);
data/hercules-3.13/dyngui.c:1948:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf( stream, pszFormat, vl );
data/hercules-3.13/dyninst.c:217:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s%02X%1X",prefix[arch],opcode,extop);
data/hercules-3.13/dyninst.c:240:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s%02X%02X",prefix[arch],opcode,extop);
data/hercules-3.13/dyninst.c:263:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s%02X",prefix[arch],opcode);
data/hercules-3.13/faketape.c:54:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(dev->filename, TAPE_UNLOADED); data/hercules-3.13/faketape.c:149:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dev->filename, TAPE_UNLOADED); data/hercules-3.13/fbadasd.c:82:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dev->filename, argv[0]); data/hercules-3.13/fillfnam.c:131:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fullfilename, "%s%s", path, namelist[i]->d_name); data/hercules-3.13/fillfnam.c:133:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fullfilename, "%s", namelist[i]->d_name); data/hercules-3.13/fillfnam.c:154:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buff, namelist[0]->d_name); data/hercules-3.13/fillfnam.c:175:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fullfilename, "%s%s", path, buff); data/hercules-3.13/fillfnam.c:177:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fullfilename, "%s", buff); data/hercules-3.13/fillfnam.c:179:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(result, "%s%s%s", part1, fullfilename, part3); data/hercules-3.13/fillfnam.c:182:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdlinefull, result); data/hercules-3.13/getopt.c:128:11: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/hercules-3.13/hconsole.c:304:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x47: strcpy( kbbuf, KBD_HOME ); break; data/hercules-3.13/hconsole.c:305:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x52: strcpy( kbbuf, KBD_INSERT ); break; data/hercules-3.13/hconsole.c:306:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x53: strcpy( kbbuf, KBD_DELETE ); break; data/hercules-3.13/hconsole.c:307:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x4F: strcpy( kbbuf, KBD_END ); break; data/hercules-3.13/hconsole.c:308:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x49: strcpy( kbbuf, KBD_PAGE_UP ); break; data/hercules-3.13/hconsole.c:309:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
case 0x51: strcpy( kbbuf, KBD_PAGE_DOWN ); break; data/hercules-3.13/hconsole.c:311:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x48: strcpy( kbbuf, KBD_UP_ARROW ); break; data/hercules-3.13/hconsole.c:312:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x50: strcpy( kbbuf, KBD_DOWN_ARROW ); break; data/hercules-3.13/hconsole.c:313:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x4D: strcpy( kbbuf, KBD_RIGHT_ARROW ); break; data/hercules-3.13/hconsole.c:314:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x4B: strcpy( kbbuf, KBD_LEFT_ARROW ); break; data/hercules-3.13/hconsole.c:316:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x77: strcpy( kbbuf, KBD_CTRL_HOME ); break; data/hercules-3.13/hconsole.c:317:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x75: strcpy( kbbuf, KBD_CTRL_END ); break; data/hercules-3.13/hconsole.c:319:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
case 0x8D: strcpy( kbbuf, KBD_CTRL_UP_ARROW ); break; data/hercules-3.13/hconsole.c:320:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x91: strcpy( kbbuf, KBD_CTRL_DOWN_ARROW ); break; data/hercules-3.13/hconsole.c:322:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x98: strcpy( kbbuf, KBD_ALT_UP_ARROW ); break; data/hercules-3.13/hconsole.c:323:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0xA0: strcpy( kbbuf, KBD_ALT_DOWN_ARROW ); break; data/hercules-3.13/hconsole.c:324:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x9D: strcpy( kbbuf, KBD_ALT_RIGHT_ARROW ); break; data/hercules-3.13/hconsole.c:325:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). case 0x9B: strcpy( kbbuf, KBD_ALT_LEFT_ARROW ); break; data/hercules-3.13/hconsole.c:574:14: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return ( fprintf( confp, ANSI_POSITION_CURSOR, rowY1, colX1 ) ? 0 : -1 ); data/hercules-3.13/hconsole.c:583:14: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return ( fprintf( confp, ANSI_ERASE_EOL ) ? 
0 : -1 ); data/hercules-3.13/hconsole.c:592:14: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return ( fprintf( confp, ANSI_ERASE_SCREEN ) ? 0 : -1 ); data/hercules-3.13/hconsole.c:801:14: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. rc = fprintf data/hercules-3.13/hconsole.c:838:14: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. rc = fprintf data/hercules-3.13/hconsole.c:924:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if ( fprintf( confp, KBD_ASK_CURSOR_POS ) < 0 ) data/hercules-3.13/hconsole.c:1053:12: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return fprintf( confp, ins ? LINUX_UNDER_BLINK_CURSOR : LINUX_BLINK_BLOCK_CURSOR ); data/hercules-3.13/hdl.c:313:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dtname,HDL_HDTP_Q); data/hercules-3.13/hdl.c:314:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(dtname,ltype); data/hercules-3.13/hercwind.h:126:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/hercules-3.13/hercwind.h:126:25: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/hercules-3.13/hercwind.h:127:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf _vsnprintf data/hercules-3.13/hercwind.h:216:14: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. rc = vsnprintf( buffer, buffsize, fmt, args); data/hercules-3.13/hetget.c:617:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( help, name, name ); data/hercules-3.13/hetinit.c:40:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( help, name, name ); data/hercules-3.13/hetmap.c:86:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( strcat( strcat( recfm, data/hercules-3.13/hetmap.c:86:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat( strcat( strcat( recfm, data/hercules-3.13/hetmap.c:86:25: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( strcat( strcat( recfm, data/hercules-3.13/hetmap.c:117:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( sep ); data/hercules-3.13/hetmap.c:157:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( help_tapemap, name, name ); data/hercules-3.13/hetmap.c:161:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( help_hetmap, name, name ); data/hercules-3.13/hetmap.c:276:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( sep ); data/hercules-3.13/hetmap.c:339:17: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( sep ); data/hercules-3.13/hetmap.c:399:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( sep ); data/hercules-3.13/hettape.c:95:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dev->filename, TAPE_UNLOADED); data/hercules-3.13/hettape.c:120:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dev->filename, TAPE_UNLOADED); data/hercules-3.13/hetupd.c:72:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( help, name, name ); data/hercules-3.13/hetupd.c:343:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( toname, "%s.%010d", argv[ optind ], rand() ); data/hercules-3.13/history.c:37:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(historyCmdLine, cmdline); data/hercules-3.13/history.c:73:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp->cmdline, cmdline); data/hercules-3.13/hmacros.h:65:12: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf w32_fprintf data/hercules-3.13/hsccmd.c:859:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, wrk); data/hercules-3.13/hscmisc.c:1053:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. n += sprintf (buf+n, " R:"F_RADR, raddr); data/hercules-3.13/hscmisc.c:1433:12: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
return system(command); data/hercules-3.13/hscutl.c:351:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tok->val,value); data/hercules-3.13/hscutl.c:431:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(resstr,text); data/hercules-3.13/hscutl.c:481:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(resstr,text); data/hercules-3.13/hscutl.c:810:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. rc=vsnprintf(bfr,bsize,fmt,vl); data/hercules-3.13/httpserv.c:684:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access( absolute_httproot_path, R_OK ) != 0) data/hercules-3.13/logmsg.c:44:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. rc=vsnprintf(bfr,siz,msg,vl); \ data/hercules-3.13/logmsg.c:299:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(cd->obfr,msg); data/hercules-3.13/ltdl.c:277:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, str); data/hercules-3.13/ltdl.c:841:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lt_ptr system; /* system specific data */ data/hercules-3.13/ltdl.c:1342:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (searchname, "%s.", filename); data/hercules-3.13/ltdl.c:2489:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (filename, "%.*s/%s", (int) dirname_len, dirname, dlname); data/hercules-3.13/ltdl.c:2698:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filename, dir_name); data/hercules-3.13/ltdl.c:2704:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filename +lendir, base_name); data/hercules-3.13/ltdl.c:2776:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int notfound = access (filename, R_OK); data/hercules-3.13/ltdl.c:2918:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (name, "lib%s", p+2); data/hercules-3.13/ltdl.c:3483:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tmp, filename); data/hercules-3.13/ltdl.c:3484:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tmp, archive_ext); data/hercules-3.13/ltdl.c:3507:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tmp, filename); data/hercules-3.13/ltdl.c:3514:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp, shlib_ext); data/hercules-3.13/ltdl.c:3636:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (buf, dirnam); data/hercules-3.13/ltdl.c:3889:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->loader->sym_prefix); data/hercules-3.13/ltdl.c:3890:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, handle->info.name); data/hercules-3.13/ltdl.c:3894:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->info.name); data/hercules-3.13/ltdl.c:3898:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, symbol); data/hercules-3.13/ltdl.c:3916:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->loader->sym_prefix); data/hercules-3.13/ltdl.c:3917:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, symbol); data/hercules-3.13/ltdl.c:3921:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, symbol); data/hercules-3.13/omatape.c:1234:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dev->filename,TAPE_UNLOADED); data/hercules-3.13/opcode.c:1424:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(operands,sizeof(operands)-1, data/hercules-3.13/opcode.c:1428:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
return sprintf(p, "%-5s %-19s %s",mnemonic,operands,name) data/hercules-3.13/opcode.c:1433:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return sprintf(p, "%sA %-*s %s",mnemonic, \ data/hercules-3.13/panel.c:689:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdline, historyCmdLine); data/hercules-3.13/panel.c:700:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdline, historyCmdLine); data/hercules-3.13/panel.c:1287:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (NPpswstate, buf); data/hercules-3.13/panel.c:1636:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(NPoldprompt1, NPprompt1); data/hercules-3.13/panel.c:1654:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(NPoldprompt2, NPprompt2); data/hercules-3.13/panel.c:1807:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(obfr,grps[i]); data/hercules-3.13/panel.c:2530:37: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdline, historyCmdLine); data/hercules-3.13/panel.c:2556:41: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdline, NPdevnam[NPasgn]); data/hercules-3.13/panel.c:2559:37: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (NPentered, "herc devinit %4.4x %s", data/hercules-3.13/panel.c:2954:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (ibuf, "instcount=%s", format_int(INSTCOUNT(regs))); data/hercules-3.13/panel.c:2957:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (buf + len, ibuf); data/hercules-3.13/panel.c:2961:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. len += sprintf (buf+len,"%s", "Offline"); data/hercules-3.13/parser.c:137:21: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if( sscanf( val, pp->fmt, res ) != 1 ) data/hercules-3.13/pfpo.c:100:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, "-" INFINITYSTR); data/hercules-3.13/pfpo.c:102:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, INFINITYSTR); data/hercules-3.13/pfpo.c:106:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, QNANSTR); data/hercules-3.13/pfpo.c:110:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, SNANSTR); data/hercules-3.13/pfpo.c:184:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, "-" INFINITYSTR); data/hercules-3.13/pfpo.c:186:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, INFINITYSTR); data/hercules-3.13/pfpo.c:190:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, QNANSTR); data/hercules-3.13/pfpo.c:194:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, SNANSTR); data/hercules-3.13/pfpo.c:270:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, "-" INFINITYSTR); data/hercules-3.13/pfpo.c:272:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, INFINITYSTR); data/hercules-3.13/pfpo.c:276:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, QNANSTR); data/hercules-3.13/pfpo.c:280:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->str, SNANSTR); data/hercules-3.13/printer.c:197:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, wrk); data/hercules-3.13/printer.c:789:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. rc = system (dev->filename+1); data/hercules-3.13/pttrace.c:624:40: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). tt = pttrace[i].tv.tv_sec; strcpy(tbuf, ctime(&tt)); tbuf[19] = '\0'; data/hercules-3.13/shared.c:125:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (buf, argv[0]); data/hercules-3.13/shared.c:404:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (buf, argv[0]); data/hercules-3.13/shared.c:2666:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf ((char *)s + strlen(s), sizeof(s) - strlen(s), data/hercules-3.13/shared.c:2908:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (buf, argv[1]); data/hercules-3.13/sllib.c:665:15: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. ret = sscanf( src, ptr, &tm.tm_year, &tm.tm_yday ); data/hercules-3.13/sockdev.c:86:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (addr.sun_path, path); /* guaranteed room by above check */ data/hercules-3.13/sockdev.c:134:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, spec); data/hercules-3.13/tapeccws.c:1663:17: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if (access( newfile, R_OK ) != 0) data/hercules-3.13/tapecopy.c:159:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf data/hercules-3.13/tapedev.c:1179:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dev->filename, TAPE_UNLOADED); data/hercules-3.13/tapedev.c:1182:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dev->filename, argv[0]); data/hercules-3.13/tapedev.c:2246:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dev->al_argv[dev->al_argc],par); data/hercules-3.13/tapedev.c:2264:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tae.filename,fn); data/hercules-3.13/tapedev.c:2272:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tae.argv[tae.argc],p); data/hercules-3.13/tapedev.c:2373:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pars[pcount],dev->al_argv[i]); data/hercules-3.13/tapedev.c:2382:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pars[pcount],dev->als[alix].argv[i]); data/hercules-3.13/tuntap.c:95:18: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. rc = execlp (hercifc, hercifc, NULL ); data/hercules-3.13/tuntap.c:241:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( pszNetDevName, ifr.ifr_name ); data/hercules-3.13/tuntap.c:299:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ifreq.ifr_name, pszNetDevName ); data/hercules-3.13/tuntap.c:329:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ifreq.ifr_name, pszNetDevName ); data/hercules-3.13/tuntap.c:366:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ifreq.ifr_name, pszNetDevName ); data/hercules-3.13/tuntap.c:403:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ifreq.ifr_name, pszNetDevName ); data/hercules-3.13/tuntap.c:441:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( ifreq.ifr_name, pszNetDevName ); data/hercules-3.13/tuntap.c:488:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ifreq.ifr_name, pszNetDevName ); data/hercules-3.13/tuntap.c:797:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ctlreq.szIFName, ((struct rtentry*)argp)->rt_dev ); data/hercules-3.13/tuntap.c:867:18: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. rc = execlp( pszCfgCmd, pszCfgCmd, NULL ); data/hercules-3.13/w32util.c:772:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pattern, dir); data/hercules-3.13/w32util.c:812:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(current.d_name, file_data.cFileName); data/hercules-3.13/w32util.c:817:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(copyentry->d_name, current.d_name); data/hercules-3.13/w32util.c:994:18: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. 
Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead. DLL_EXPORT char* getlogin ( void ) data/hercules-3.13/w32util.c:1251:5: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _snprintf( data/hercules-3.13/w32util.c:1445:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #undef fprintf // (so we can call the actual Windows version if we need to) data/hercules-3.13/w32util.c:2209:20: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return vfprintf( stream, format, vl ); data/hercules-3.13/w32util.c:2223:20: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. while ( ( rc = vsnprintf( buff, bytes, format, vl ) ) < 0 ); data/hercules-3.13/w32util.c:2733:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( readbuff, buffer_overflow_msg); data/hercules-3.13/w32util.h:128:24: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead. 
W32_DLL_IMPORT char* getlogin ( void ); data/hercules-3.13/bldcfg.c:296:10: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath( tamdir, dirwrk )) data/hercules-3.13/bldcfg.c:460:38: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. inc_envvar = getenv (&buf[inc_lbrace]); data/hercules-3.13/bldcfg.c:1553:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. slogofile=getenv("HERCLOGO"); data/hercules-3.13/bootstrap.c:121:33: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. && (g_hDbgHelpDll = LoadLibrary(_T("DbgHelp.dll"))) data/hercules-3.13/codepage.c:1039:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(!(name = getenv("HERCULES_CP"))) data/hercules-3.13/crypto.c:212:5: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
srandom(random() * host_tod()); /* Randomize related to time */ data/hercules-3.13/crypto.c:212:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srandom(random() * host_tod()); /* Randomize related to time */ data/hercules-3.13/crypto.c:214:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. sysblk.wkaes_reg[i] = random(); data/hercules-3.13/crypto.c:216:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. sysblk.wkdea_reg[i] = random(); data/hercules-3.13/crypto.c:239:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. byte = random(); data/hercules-3.13/ctc_ctci.c:1205:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long( argc, argv, data/hercules-3.13/ctc_ctci.c:1213:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt( argc, argv, "n" data/hercules-3.13/ctc_lcs.c:2098:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
c = getopt_long( argc, argv, data/hercules-3.13/ctc_lcs.c:2105:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt( argc, argv, "n" data/hercules-3.13/fthreads.c:730:30: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. #define LockThreadsList() EnterCriticalSection ( &ThreadListLock ) data/hercules-3.13/fthreads.c:870:9: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. InitializeCriticalSection ( &ThreadListLock ); data/hercules-3.13/fthreads.h:32:58: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. #define MyEnterCriticalSection(pCS) (EnterCriticalSection((CRITICAL_SECTION*)(pCS))) data/hercules-3.13/getopt.c:64:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. __weak_alias(getopt,_getopt) data/hercules-3.13/getopt.c:74:14: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. __weak_alias(getopt_long,_getopt_long) data/hercules-3.13/getopt.c:90:29: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
#define IS_POSIXLY_CORRECT (getenv("POSIXLY_CORRECT") != NULL) data/hercules-3.13/getopt.c:354:1: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. getopt(nargc, nargv, options) data/hercules-3.13/getopt.c:387:1: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. getopt_long(nargc, nargv, options, long_options, idx) data/hercules-3.13/getopt.h:73:20: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. GOP_DLL_IMPORT int getopt (int, char * const *, const char *); data/hercules-3.13/getopt.h:96:20: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. GOP_DLL_IMPORT int getopt_long (int, char *const *, const char *, const struct option *, int *); data/hercules-3.13/hconsole.c:894:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(env = getenv( "LINES" ))) *rows = 24; data/hercules-3.13/hconsole.c:896:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (!(env = getenv( "COLUMNS" ))) *cols = 80; data/hercules-3.13/herc_getopt.h:22:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt herc_getopt data/hercules-3.13/herc_getopt.h:31:14: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt_long herc_getopt_long data/hercules-3.13/hercwind.h:131:9: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define srandom srand data/hercules-3.13/hercwind.h:131:25: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define srandom srand data/hercules-3.13/hercwind.h:132:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define random rand data/hercules-3.13/hetget.c:641:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. rc = getopt( argc, argv, "abhnsu" ); data/hercules-3.13/hetinit.c:86:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
rc = getopt( argc, argv, "dhin" ); data/hercules-3.13/hetmap.c:225:18: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. rc = getopt( argc, argv, "adfhlt" ); data/hercules-3.13/hetupd.c:271:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. rc = getopt( argc, argv, "bc:dhrsvz0123456789" ); data/hercules-3.13/hetupd.c:273:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. rc = getopt( argc, argv, "c:dhrsvz0123456789" ); data/hercules-3.13/hsccmd.c:1678:13: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (realpath(tamdir1, workdir) != NULL) data/hercules-3.13/hscutl.c:58:8: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. rc=getopt(ac,av,opt); data/hercules-3.13/hscutl.c:71:5: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
int getopt_long (int, char *const *, const char *, const struct option *, int *); data/hercules-3.13/hscutl.c:84:8: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. rc=getopt_long(ac,av,opt,lo,li); data/hercules-3.13/hscutl.c:362:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. val=getenv(sym); data/hercules-3.13/httpserv.c:346:10: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath( path, resolved_path )) data/hercules-3.13/httpserv.c:674:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(sysblk.httproot,absolute_httproot_path)) data/hercules-3.13/impl.c:286:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(rcname = getenv("HERCULES_RC"))) data/hercules-3.13/impl.c:431:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(!(cfgfile = getenv("HERCULES_CNF"))) data/hercules-3.13/impl.c:435:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "f:p:l:db:")) != EOF) data/hercules-3.13/ltdl.c:1351:14: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. module = LoadLibrary(wpath); data/hercules-3.13/ltdl.c:1354:12: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. module = LoadLibrary (searchname); data/hercules-3.13/ltdl.c:3173:25: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. search_path = getenv (LTDL_SEARCHPATH_VAR); data/hercules-3.13/ltdl.c:3181:25: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. search_path = getenv (LTDL_SHLIBPATH_VAR); data/hercules-3.13/ltdl.c:3366:29: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. && !find_handle (getenv (LTDL_SEARCHPATH_VAR), base_name, data/hercules-3.13/ltdl.c:3369:29: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. && !find_handle (getenv (LTDL_SHLIBPATH_VAR), base_name, data/hercules-3.13/ltdl.c:3748:36: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv("LTDL_LIBRARY_PATH"), 0, data/hercules-3.13/ltdl.c:3755:36: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv(LTDL_SHLIBPATH_VAR), 0, data/hercules-3.13/ltdl.c:3762:36: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv(LTDL_SYSSEARCHPATH), 0, data/hercules-3.13/panel.c:1879:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
cons_term = getenv ("TERM");
data/hercules-3.13/scedasd.c:39:13: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if(!realpath(path,tempdir))
data/hercules-3.13/scedasd.c:65:9: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if(!realpath(path,tempdir))
data/hercules-3.13/scedasd.c:104:9: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if(!realpath(temppath,tempreal))
data/hercules-3.13/tapeccws.c:1643:21: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (realpath( resolve_in, resolve_out ) == NULL)
data/hercules-3.13/tuntap.c:81:25: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(hercifc = getenv ("HERCULES_IFC")))
data/hercules-3.13/tuntap.c:817:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( !( pszCfgCmd = getenv( "HERCULES_IFC" ) ) )
data/hercules-3.13/w32chan.c:21:46: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. #define LockScheduler() (EnterCriticalSection(&IOSchedulerLock))
data/hercules-3.13/w32chan.c:22:46: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. #define LockThreadParms(pThreadParms) (EnterCriticalSection(&pThreadParms->IORequestListLock))
data/hercules-3.13/w32ctca.c:131:9: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. InitializeCriticalSection( &g_tt32_lock );
data/hercules-3.13/w32ctca.c:135:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection(&g_tt32_lock);
data/hercules-3.13/w32ctca.c:145:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ( !( pszDLLName = getenv( "HERCULES_IFC" ) ) )
data/hercules-3.13/w32ctca.c:187:22: [3] (misc) LoadLibraryEx: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. g_tt32_hmoddll = LoadLibraryEx( g_tt32_dllname, NULL, LOAD_WITH_ALTERED_SEARCH_PATH );
data/hercules-3.13/w32ctca.c:195:26: [3] (misc) LoadLibraryEx: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. g_tt32_hmoddll = LoadLibraryEx( g_tt32_dllname, NULL, LOAD_WITH_ALTERED_SEARCH_PATH );
data/hercules-3.13/w32dl.h:12:28: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. (void*) ((_name) ? LoadLibrary((_name)) : GetModuleHandle( NULL ) )
data/hercules-3.13/w32util.c:1013:18: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. DLL_EXPORT char* realpath ( const char* file_name, char* resolved_name )
data/hercules-3.13/w32util.c:1305:5: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. InitializeCriticalSection( &cs );
data/hercules-3.13/w32util.c:2458:16: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. bSuccess = CreateProcess
data/hercules-3.13/w32util.c:2458:16: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. bSuccess = CreateProcess
data/hercules-3.13/w32util.c:2545:9: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. InitializeCriticalSection( &pPipedProcessCtl->csLock );
data/hercules-3.13/w32util.c:2815:13: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection( &pPipedProcessCtl->csLock );
data/hercules-3.13/w32util.h:136:24: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. W32_DLL_IMPORT char* realpath ( const char* file_name, char* resolved_name );
data/hercules-3.13/awstape.c:119:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/bldcfg.c:90:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; /* Config statement buffer */
data/hercules-3.13/bldcfg.c:92:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; /* Config statement buffer */
data/hercules-3.13/bldcfg.c:97:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *addargv[MAX_ARGS]; /* Additional argument array */
data/hercules-3.13/bldcfg.c:272:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirwrk[ MAX_PATH ] = {0};
data/hercules-3.13/bldcfg.c:737:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hlogofile[FILENAME_MAX+1] = ""; /* File name from HERCLOGO */
data/hercules-3.13/bldcfg.c:738:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/bldcfg.c:752:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inc_fp[inc_level] = fopen (pathname, "r");
data/hercules-3.13/bldcfg.c:926:33: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inc_fp[inc_level] = fopen (pathname, "r");
data/hercules-3.13/bldcfg.c:1573:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[ MAX_PATH ];
data/hercules-3.13/bldcfg.c:1715:33: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inc_fp[inc_level] = fopen (pathname, "r");
data/hercules-3.13/bootstrap.c:74:8: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static TCHAR g_szSaveTitle[ 512 ] = {0};
data/hercules-3.13/bootstrap.c:334:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_host_info_str [ 1024 ];
data/hercules-3.13/cardpch.c:168:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/cardpch.c:282:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num);
data/hercules-3.13/cardpch.c:301:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num);
data/hercules-3.13/cardrdr.c:409:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/cardrdr.c:775:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->buf + dev->cardpos, num);
data/hercules-3.13/cardrdr.c:815:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num);
data/hercules-3.13/cardrdr.c:834:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num);
data/hercules-3.13/cckddasd.c:291:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[0] = (fdflags & O_RDWR) ? CCKD_OPEN_RW : CCKD_OPEN_RO;
data/hercules-3.13/cckddasd.c:295:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[i] = CCKD_OPEN_NONE;
data/hercules-3.13/cckddasd.c:402:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[i] = 0;
data/hercules-3.13/cckddasd.c:553:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/cckddasd.c:567:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[sfx] = flags & O_RDWR ? CCKD_OPEN_RW :
data/hercules-3.13/cckddasd.c:568:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[sfx] == CCKD_OPEN_RW ?
data/hercules-3.13/cckddasd.c:581:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[sfx] = CCKD_OPEN_NONE;
data/hercules-3.13/cckddasd.c:930:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (buf && len > 0) memcpy (dev->buf + off, buf, len);
data/hercules-3.13/cckddasd.c:1112:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (buf) memcpy (dev->buf + off, buf, len);
data/hercules-3.13/cckddasd.c:2303:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (cckd->open[sfx] == CCKD_OPEN_RW)
data/hercules-3.13/cckddasd.c:2655:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&fsp[0], "FREE_BLK", 8);
data/hercules-3.13/cckddasd.c:2983:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (l2) memcpy (&cckd->l2[l2x], l2, CCKD_L2ENT_SIZE);
data/hercules-3.13/cckddasd.c:3145:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). || cckd->open[cckd->sfn] != CCKD_OPEN_RW)
data/hercules-3.13/cckddasd.c:3298:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pos, eighthexFF, 8);
data/hercules-3.13/cckddasd.c:3438:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cchh[4],cchh2[4]; /* Cyl, head big-endian */
data/hercules-3.13/cckddasd.c:3472:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cchh2, &buf[5], 4); cchh2[0] &= 0x7f; /* fix for ovflow */
data/hercules-3.13/cckddasd.c:3488:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cchh2, &buf[sz], 4); cchh2[0] &= 0x7f;
data/hercules-3.13/cckddasd.c:3549:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/cckddasd.c:3607:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (cckd->open[cckd->sfn] == CCKD_OPEN_RO)
data/hercules-3.13/cckddasd.c:3614:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (cckd->open[i] == CCKD_OPEN_RO) continue;
data/hercules-3.13/cckddasd.c:3678:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&cckd->cdevhdr[cckd->sfn+1], &cckd->cdevhdr[cckd->sfn], CCKDDASD_DEVHDR_SIZE);
data/hercules-3.13/cckddasd.c:3711:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->open[cckd->sfn+1] = CCKD_OPEN_NONE;
data/hercules-3.13/cckddasd.c:3793:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (cckd->open[cckd->sfn-1] == CCKD_OPEN_RW)
data/hercules-3.13/cckddasd.c:4394:53: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->cdevhdr[0].free_number, ost[cckd->open[0]],
data/hercules-3.13/cckddasd.c:4406:57: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cckd->cdevhdr[i].free_number, ost[cckd->open[i]],
data/hercules-3.13/cckddasd.c:4524:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (cckd->open[cckd->sfn] != CCKD_OPEN_RW)
data/hercules-3.13/cckddasd.c:5122:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (to, from, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckddasd.c:5153:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (to, from, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckddasd.c:5222:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, from, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckddasd.c:5255:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, from, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckddasd.c:5665:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[64];
data/hercules-3.13/cckddiag.c:187:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (obuf, ibuf, bufl);
data/hercules-3.13/cckddiag.c:193:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (obuf, ibuf, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckddiag.c:214:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(obuf, ibuf, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckddiag.c:303:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[81]; /* error message buffer */
data/hercules-3.13/cckddiag.c:410:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/cckdfix.c:11:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH];
data/hercules-3.13/cckdutil.c:286:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[4];
data/hercules-3.13/cckdutil.c:288:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&temp, c, 4);
data/hercules-3.13/cckdutil.c:300:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[2];
data/hercules-3.13/cckdutil.c:302:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&temp, c, 2);
data/hercules-3.13/cckdutil.c:315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[sizeof (long)];
data/hercules-3.13/cckdutil.c:580:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (p, &spctab[i].val, sizeof(spctab[i].val));
data/hercules-3.13/cckdutil.c:582:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (p, &spctab[i].len, sizeof(spctab[i].len));
data/hercules-3.13/cckdutil.c:1375:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char space1[32], space2[32];
data/hercules-3.13/cckdutil.c:1381:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(space1+j, "[%d]", spctab[i].val);
data/hercules-3.13/cckdutil.c:1384:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(space2+j, "[%d]", spctab[i+1].val);
data/hercules-3.13/cckdutil.c:2103:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (l2[l1x], &empty_l2, len);
data/hercules-3.13/cckdutil.c:2368:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (fsp, "FREE_BLK", 8);
data/hercules-3.13/cckdutil.c:2615:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf2, buf, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckdutil.c:2629:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf2, buf, CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/cckdutil.c:2688:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[4096];
data/hercules-3.13/cckdutil.c:2693:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i = sprintf (msg, "HHCCU%3.3d%c ",
data/hercules-3.13/cckdutil.c:2697:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i += sprintf (msg+i, "%4.4X file[%d]: ", dev->devnum, sfx);
data/hercules-3.13/cgibin.c:141:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). refresh_interval = atoi(value);
data/hercules-3.13/cgibin.c:219:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). msgcount = atoi(value);
data/hercules-3.13/cgibin.c:222:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). msgcount = atoi(value);
data/hercules-3.13/cgibin.c:225:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). refresh_interval = atoi(value);
data/hercules-3.13/cgibin.c:367:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cpu = atoi(value);
data/hercules-3.13/cgibin.c:401:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regname[16];
data/hercules-3.13/cgibin.c:402:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(regname,"alter_gr%d",i);
data/hercules-3.13/cgibin.c:417:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regname[16];
data/hercules-3.13/cgibin.c:418:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(regname,"alter_cr%d",i);
data/hercules-3.13/cgibin.c:433:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regname[16];
data/hercules-3.13/cgibin.c:434:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(regname,"alter_ar%d",i);
data/hercules-3.13/cgibin.c:1036:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cpuname[8], *cpustate;
data/hercules-3.13/cgibin.c:1039:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cpuname,"cpu%d",i);
data/hercules-3.13/cgibin.c:1116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024];
data/hercules-3.13/channel.c:77:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. j = sprintf ((char *)area,
data/hercules-3.13/channel.c:269:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, dev->pcicsw, 8);
data/hercules-3.13/channel.c:276:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, dev->csw, 8);
data/hercules-3.13/channel.c:281:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, dev->attncsw, 8);
data/hercules-3.13/channel.c:304:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, dev->csw, 8);
data/hercules-3.13/channel.c:385:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, dev->csw, 8);
data/hercules-3.13/channel.c:402:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, dev->csw, 8);
data/hercules-3.13/channel.c:1317:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[32];
data/hercules-3.13/channel.c:1844:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->mainstor + midawdat,
data/hercules-3.13/channel.c:1854:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->mainstor + midawdat, iobuf, midawlen);
data/hercules-3.13/channel.c:1856:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->mainstor + midawdat, midawlen);
data/hercules-3.13/channel.c:1932:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->mainstor + idadata,
data/hercules-3.13/channel.c:1938:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->mainstor + idadata, iobuf, idalen);
data/hercules-3.13/channel.c:1940:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->mainstor + idadata, idalen);
data/hercules-3.13/channel.c:2036:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dev->mainstor + addr,iobuf + dev->curblkrem, count);
data/hercules-3.13/channel.c:2040:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->mainstor + addr, iobuf, count);
data/hercules-3.13/channel.c:2045:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->mainstor + addr, count);
data/hercules-3.13/channel.c:2228:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&dev->orb, orb, sizeof(ORB)); /*@IWZ*/
data/hercules-3.13/channel.c:2343:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[32];
data/hercules-3.13/channel.c:3291:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->ecw, dev->sense, dev->esw.erw1 & ERW1_SCNT);
data/hercules-3.13/channel.c:3556:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (csw, pendcsw , 8);
data/hercules-3.13/channel.c:3561:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (csw, pendcsw , 8);
data/hercules-3.13/channel.c:3566:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (csw, pendcsw , 8);
data/hercules-3.13/chsc.c:83:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(chsc_rsp4->chpid, dev->pmcw.chpid, 8);
data/hercules-3.13/ckddasd.c:219:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */
data/hercules-3.13/ckddasd.c:1066:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (buf) memcpy (dev->buf + off, buf, len);
data/hercules-3.13/ckddasd.c:1530:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (trkhdr) memcpy (trkhdr, &dev->buf[dev->bufoff], CKDDASD_TRKHDR_SIZE);
data/hercules-3.13/ckddasd.c:1668:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (rechdr, &dev->buf[dev->bufoff], CKDDASD_RECHDR_SIZE);
data/hercules-3.13/ckddasd.c:1787:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy (buf, &dev->buf[dev->bufoff], dev->ckdcurkl); data/hercules-3.13/ckddasd.c:1836:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, &dev->buf[dev->bufoff], dev->ckdcurdl); data/hercules-3.13/ckddasd.c:1868:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&rechdr, buf, (len < CKDDASD_RECHDR_SIZE) ? data/hercules-3.13/ckddasd.c:1924:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&rechdr, buf, (len < CKDDASD_RECHDR_SIZE) ? data/hercules-3.13/ckddasd.c:2545:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, &rechdr, CKDDASD_RECHDR_SIZE); data/hercules-3.13/ckddasd.c:2618:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, &rechdr, CKDDASD_RECHDR_SIZE); data/hercules-3.13/ckddasd.c:2700:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, &trkhdr, CKDDASD_TRKHDR_SIZE); data/hercules-3.13/ckddasd.c:2814:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, &rechdr, CKDDASD_RECHDR_SIZE); data/hercules-3.13/ckddasd.c:2914:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (iobuf + size, &rechdr, CKDDASD_RECHDR_SIZE); data/hercules-3.13/ckddasd.c:3002:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf + size, &rechdr, CKDDASD_RECHDR_SIZE); data/hercules-3.13/ckddasd.c:3140:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf+4, iobuf+8, 4); // Copy message identifier from bytes 8-11 data/hercules-3.13/ckddasd.c:3237:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ((char *)&iobuf[4], "00%4.4X HRCZZ000000000001", data/hercules-3.13/ckddasd.c:4578:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cchhr, iobuf+8, 5); data/hercules-3.13/ckddasd.c:4938:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cchhr, iobuf+8, 5); data/hercules-3.13/ckddasd.c:5401:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devchar, num); data/hercules-3.13/ckddasd.c:5599:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/ckddasd.c:5636:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (iobuf, dev->devid, num); data/hercules-3.13/ckddasd.c:5658:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf+1, dev->pgid, 11); data/hercules-3.13/ckddasd.c:5697:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->pgid, iobuf+1, 11); data/hercules-3.13/clock.c:414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[SR_MAX_STRING_LENGTH]; data/hercules-3.13/clock.c:442:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[SR_MAX_STRING_LENGTH]; data/hercules-3.13/cmdtab.c:317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_CMD_LEN]; /* Copy of panel command */ data/hercules-3.13/cmpsc.c:1312:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cc->dest[ofst], mem, cc->smbsz); data/hercules-3.13/cmpsc.c:1329:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&main1[ofst], mem, len1); data/hercules-3.13/cmpsc.c:1330:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cc->dest, &mem[len1], cc->smbsz - len1); data/hercules-3.13/cmpsc.c:1481:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ec.oc[ec.ocl], &ec.ec[ec.eci[iss[i]]], ec.ecl[iss[i]]); data/hercules-3.13/cmpsc.c:1570:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ec->oc[ec->ocl + ECE_ofst(ece)], &ece[2], psl); data/hercules-3.13/cmpsc.c:1604:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ec->oc[ec->ocl], &ece[1], csl); data/hercules-3.13/cmpsc.c:1607:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ec->ec[ec->ecwm], &ec->oc[ec->ocl], cw); data/hercules-3.13/cmpsc.c:1722:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &ec->src[ofst], len1); data/hercules-3.13/cmpsc.c:1724:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf[len1], ec->src, ec->smbsz - len1); data/hercules-3.13/cmpsc.c:1943:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(pbuf, buf, len); data/hercules-3.13/cmpsc.c:1954:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ec->dest[ofst], buf, len); data/hercules-3.13/cmpsc.c:1971:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&main1[ofst], buf, len1); data/hercules-3.13/cmpsc.c:1975:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ec->dest, &buf[len1], (len2 > 0x800 ? 0x800 : len2)); data/hercules-3.13/comm3705.c:68:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010201[3] = {0x01, 0x02, 0x01}; data/hercules-3.13/comm3705.c:69:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010202[3] = {0x01, 0x02, 0x02}; data/hercules-3.13/comm3705.c:70:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010203[3] = {0x01, 0x02, 0x03}; data/hercules-3.13/comm3705.c:71:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010204[3] = {0x01, 0x02, 0x04}; data/hercules-3.13/comm3705.c:72:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010205[3] = {0x01, 0x02, 0x05}; data/hercules-3.13/comm3705.c:73:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R01020A[3] = {0x01, 0x02, 0x0A}; data/hercules-3.13/comm3705.c:74:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R01020B[3] = {0x01, 0x02, 0x0B}; data/hercules-3.13/comm3705.c:75:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R01020F[3] = {0x01, 0x02, 0x0F}; data/hercules-3.13/comm3705.c:76:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static unsigned char R010211[3] = {0x01, 0x02, 0x11}; data/hercules-3.13/comm3705.c:77:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010216[3] = {0x01, 0x02, 0x16}; data/hercules-3.13/comm3705.c:78:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010217[3] = {0x01, 0x02, 0x17}; data/hercules-3.13/comm3705.c:79:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010219[3] = {0x01, 0x02, 0x19}; data/hercules-3.13/comm3705.c:80:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R01021A[3] = {0x01, 0x02, 0x1A}; data/hercules-3.13/comm3705.c:81:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static unsigned char R01021B[3] = {0x01, 0x02, 0x1B}; data/hercules-3.13/comm3705.c:82:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010280[3] = {0x01, 0x02, 0x80}; data/hercules-3.13/comm3705.c:83:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010281[3] = {0x01, 0x02, 0x81}; data/hercules-3.13/comm3705.c:84:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char R010284[3] = {0x01, 0x02, 0x84}; data/hercules-3.13/comm3705.c:375:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sin->sin_port = htons(atoi(serv)); data/hercules-3.13/comm3705.c:785:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; /* Message buffer */ data/hercules-3.13/comm3705.c:786:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conmsg[256]; /* Connection message */ data/hercules-3.13/comm3705.c:787:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devmsg[25]; /* Device message */ data/hercules-3.13/comm3705.c:788:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostmsg[256]; /* Host ID message */ data/hercules-3.13/comm3705.c:789:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num_procs[16]; /* #of processors string */ data/hercules-3.13/comm3705.c:790:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char group[16]; /* Console group */ data/hercules-3.13/comm3705.c:1049:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pno=atoi(txt); data/hercules-3.13/comm3705.c:1072:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ia,he->h_addr_list[0],4); data/hercules-3.13/comm3705.c:1081:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msgtext[256]; data/hercules-3.13/comm3705.c:1368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[32]; data/hercules-3.13/comm3705.c:1369:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name2[32]; data/hercules-3.13/comm3705.c:1377:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[80]; data/hercules-3.13/comm3705.c:1410:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(dev->commadpt->locncpnm,"MHP3705 "); /* local NCP name */ data/hercules-3.13/comm3705.c:1411:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dev->commadpt->rmtncpnm,"MHPRMT1 "); /* remote NCP name */ data/hercules-3.13/comm3705.c:1473:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->locsuba = (atoi(res.text)<<11); /* (maxsuba=31) */ data/hercules-3.13/comm3705.c:1476:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->rmtsuba = (atoi(res.text)<<11); /* (maxsuba=31) */ data/hercules-3.13/comm3705.c:1479:25: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dev->commadpt->locncpnm," "); data/hercules-3.13/comm3705.c:1481:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dev->commadpt->locncpnm[strlen(res.text)]," ",1); data/hercules-3.13/comm3705.c:1485:25: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dev->commadpt->rmtncpnm," "); data/hercules-3.13/comm3705.c:1487:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dev->commadpt->rmtncpnm[strlen(res.text)]," ",1); data/hercules-3.13/comm3705.c:1497:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->unitsz = atoi(res.text); data/hercules-3.13/comm3705.c:1500:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->ackspeed = atoi(res.text); data/hercules-3.13/comm3705.c:1632:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbuf[32]; data/hercules-3.13/comm3705.c:1633:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbuf2[32]; data/hercules-3.13/comm3705.c:1634:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbuf3[32]; data/hercules-3.13/comm3705.c:1635:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbuf4[32]; data/hercules-3.13/comm3705.c:1636:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbuf5[256]; data/hercules-3.13/comm3705.c:1637:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbuf6[32]; data/hercules-3.13/comm3705.c:1640:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%02X%02X %02X%02X %02X%02X %02X%02X %02X%02X", data/hercules-3.13/comm3705.c:1642:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf2, "%02X%02X%02X", data/hercules-3.13/comm3705.c:1646:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf3, "%02X", requestp[13]); data/hercules-3.13/comm3705.c:1647:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf4, "%02X", requestp[14]); data/hercules-3.13/comm3705.c:1650:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf4, "%02X", requestp[15]); data/hercules-3.13/comm3705.c:1766:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ru_ptr, &ca->inpbuf[bufp], ru_size); data/hercules-3.13/comm3705.c:2008:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &requestp[13], amt); data/hercules-3.13/comm3705.c:2022:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(obuf, &requestp[13], amt); data/hercules-3.13/comm3705.c:2068:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ru_ptr[ru_size],ca->rmtncpnm,8); /* load mod name */ data/hercules-3.13/comm3705.c:2073:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ru_ptr[ru_size],ca->locncpnm,8); /* load mod name */ data/hercules-3.13/comm3705.c:2227:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iobuf,dev->sense,num); data/hercules-3.13/comm3705.c:2248:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (&iobuf[BUFPD], piudata, piusize); data/hercules-3.13/comm3705.h:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locncpnm[9], /* name of local NCP (in EBCDIC) */ data/hercules-3.13/commadpt.c:651:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pno=atoi(txt); data/hercules-3.13/commadpt.c:674:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ia,he->h_addr_list[0],4); data/hercules-3.13/commadpt.c:685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbfr[256]; data/hercules-3.13/commadpt.c:845:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msgtext[256]; data/hercules-3.13/commadpt.c:1919:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char thread_name[32]; data/hercules-3.13/commadpt.c:1927:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmtbfr[64]; data/hercules-3.13/commadpt.c:1931:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[80]; data/hercules-3.13/commadpt.c:1933:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bf[4]; data/hercules-3.13/commadpt.c:2051:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->rto=atoi(res.text); data/hercules-3.13/commadpt.c:2054:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->pto=atoi(res.text); data/hercules-3.13/commadpt.c:2057:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->commadpt->eto=atoi(res.text); data/hercules-3.13/commadpt.c:2600:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iobuf,dev->sense,num); data/hercules-3.13/commadpt.c:2615:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/commadpt.c:2794:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dev->commadpt->dialdata,iobuf,num); data/hercules-3.13/con1052c.c:242:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->buf, num); data/hercules-3.13/con1052c.c:280:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/con1052c.c:299:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/config.c:79:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char thread_name[16]; data/hercules-3.13/config.c:1226:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wrkbfr[16]; data/hercules-3.13/config.c:1289:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bfr[256]; data/hercules-3.13/config.c:1295:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lf=fopen(fn,"r"); data/hercules-3.13/config.c:1358:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). c = *p1; *p1 = 0; *idle = atoi(s+1); *p1 = c; data/hercules-3.13/config.c:1359:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). c = *p2; *p2 = 0; *intv = atoi(p1+1); *p2 = c; data/hercules-3.13/config.c:1360:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). c = *p3; *p3 = 0; *cnt = atoi(p2+1); *p3 = c; data/hercules-3.13/console.c:376:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sin->sin_port = htons(atoi(serv)); data/hercules-3.13/console.c:1456:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xpos=atoi(wrk); data/hercules-3.13/console.c:1461:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ypos=atoi(wrk); data/hercules-3.13/console.c:1556:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1920]; /* Message buffer */ data/hercules-3.13/console.c:1557:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char conmsg[256]; /* Connection message */ data/hercules-3.13/console.c:1558:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devmsg[64]; /* Device message */ data/hercules-3.13/console.c:1559:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostmsg[256]; /* Host ID message */ data/hercules-3.13/console.c:1560:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num_procs[16]; /* #of processors string */ data/hercules-3.13/console.c:1561:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rejmsg[256]; /* Rejection message */ data/hercules-3.13/console.c:1562:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char group[16]; /* Console group */ data/hercules-3.13/console.c:2442:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char acc[48]; data/hercules-3.13/console.c:2446:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip [16]; data/hercules-3.13/console.c:2447:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mask [16]; data/hercules-3.13/console.c:2532:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, dev->buf, len); data/hercules-3.13/console.c:2592:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&buf[len], &rbuf[3], rbuflen - 3); data/hercules-3.13/console.c:2738:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char acc[48]; data/hercules-3.13/console.c:2742:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ip [16]; data/hercules-3.13/console.c:2743:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mask [16]; data/hercules-3.13/console.c:3153:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf + len, iobuf, num); data/hercules-3.13/console.c:3241:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->buf, num); data/hercules-3.13/console.c:3332:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->buf, num); data/hercules-3.13/console.c:3367:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/console.c:3389:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/console.c:3550:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->buf, num); data/hercules-3.13/console.c:3588:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (iobuf, dev->sense, num); data/hercules-3.13/console.c:3607:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/control.c:3368:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newregs, regs, sysblk.regs_copy_len ); data/hercules-3.13/control.c:3539:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(regs->psw), &(newregs.psw), sizeof(newregs.psw)); data/hercules-3.13/control.c:3540:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->gr, newregs.gr, sizeof(newregs.gr)); data/hercules-3.13/control.c:3541:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->cr, newregs.cr, sizeof(newregs.cr)); data/hercules-3.13/control.c:3542:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->ar, newregs.ar, sizeof(newregs.ar)); data/hercules-3.13/control.c:5523:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_buf[128]; /* Log buffer */ data/hercules-3.13/control.c:6731:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(sysib111->modcapaid, sysib111->model, sizeof(sysib111->model)); data/hercules-3.13/cpu.c:322:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dxcstr[8]={0}; /* " DXC=xx" if data excptn */ data/hercules-3.13/cpu.c:597:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dxcstr, " DXC=%2.2X", regs->dxc); data/hercules-3.13/cpu.c:1037:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (psa->csw, csw, 8); data/hercules-3.13/cpu.c:1614:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&regs, oldregs, sizeof(REGS)); data/hercules-3.13/cpu.c:1664:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(oldregs, &regs, sizeof(REGS)); data/hercules-3.13/cpu.c:1891:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cregs, regs, sysblk.regs_copy_len); data/hercules-3.13/crypto.c:233:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&sysblk.wkvpaes_reg[8], lparname, 8); data/hercules-3.13/crypto.c:234:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&sysblk.wkvpdea_reg[8], lparname, 8); data/hercules-3.13/crypto/dyncrypt.c:255:30: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define XMEMCPY memcpy data/hercules-3.13/crypto/dyncrypt.c:274:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char Z[16], V[16]; data/hercules-3.13/crypto/dyncrypt.c:312:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_r[16], b_r[16], c_r[16]; data/hercules-3.13/crypto/dyncrypt.c:510:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&key[8], &buf[8], 8); data/hercules-3.13/crypto/dyncrypt.c:511:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cv, key, 8); data/hercules-3.13/crypto/dyncrypt.c:519:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cv, key, 16); data/hercules-3.13/crypto/dyncrypt.c:553:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cv, &cv[8], 8); data/hercules-3.13/crypto/dyncrypt.c:554:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&cv[8], &key[i], 8); data/hercules-3.13/crypto/dyncrypt.c:580:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&key[keylen], sysblk.wkvpaes_reg, 32); data/hercules-3.13/crypto/dyncrypt.c:593:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &key[16], 8); data/hercules-3.13/crypto/dyncrypt.c:598:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(key, cv, 8); data/hercules-3.13/crypto/dyncrypt.c:599:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&key[8], buf, 16); data/hercules-3.13/crypto/dyncrypt.c:623:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&key[keylen], sysblk.wkvpdea_reg, 24); data/hercules-3.13/crypto/dyncrypt.c:677:30: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define XMEMCPY memcpy data/hercules-3.13/crypto/dyncrypt.c:696:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char Z[16], V[16]; data/hercules-3.13/crypto/dyncrypt.c:734:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_r[16], b_r[16], c_r[16]; data/hercules-3.13/crypto/dyncrypt.c:780:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char exp_table[128][16]; data/hercules-3.13/crypto/dyncrypt.c:781:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a[16]; data/hercules-3.13/crypto/dyncrypt.c:788:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(exp_table[128 - i], a, 16); data/hercules-3.13/crypto/dyncrypt.c:1386:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&message_block[message_blocklen - mbllen], &parameter_block[parameter_blocklen], mbllen); data/hercules-3.13/crypto/dyncrypt.c:2259:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2270:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2279:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2294:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2303:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2318:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2358:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(parameter_block, ocv, 8); data/hercules-3.13/crypto/dyncrypt.c:2450:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 16); data/hercules-3.13/crypto/dyncrypt.c:2461:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 16); data/hercules-3.13/crypto/dyncrypt.c:2498:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(parameter_block, ocv, 16); data/hercules-3.13/crypto/dyncrypt.c:2569:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(tcv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2595:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocv, message_block, 8); data/hercules-3.13/crypto/dyncrypt.c:2624:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(parameter_block, ocv, 8); data/hercules-3.13/crypto/dyncrypt.c:3974:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xts, tweak, 16); data/hercules-3.13/crypto/dyncrypt.c:3987:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if(!ibi[15]) memcpy(xts, tweak, 16); data/hercules-3.13/crypto/sha1.c:23:9: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define bcopy(_src,_dest,_len) memcpy(_dest,_src,_len) data/hercules-3.13/crypto/sha1.c:23:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define bcopy(_src,_dest,_len) memcpy(_dest,_src,_len) data/hercules-3.13/crypto/sha1.c:49:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. SHA1Transform(u_int32_t state[5], unsigned char buffer[SHA1_BLOCK_LENGTH]) data/hercules-3.13/crypto/sha1.c:53:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char c[64]; data/hercules-3.13/crypto/sha1.c:58:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char workspace[SHA1_BLOCK_LENGTH]; data/hercules-3.13/crypto/sha1.c:61:5: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(buffer, block, SHA1_BLOCK_LENGTH); data/hercules-3.13/crypto/sha1.c:131:9: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(data, &context->buffer[j], (i = 64 - j)); data/hercules-3.13/crypto/sha1.c:139:5: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(&data[i], &context->buffer[j], len - i); data/hercules-3.13/crypto/sha1.c:146:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. SHA1Final(unsigned char digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context) data/hercules-3.13/crypto/sha1.c:149:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char finalcount[8]; data/hercules-3.13/crypto/sha1.c:183:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sha1_process(sha1_context *ctx, unsigned char data[64]) data/hercules-3.13/crypto/sha1.h:20:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[SHA1_BLOCK_LENGTH]; data/hercules-3.13/crypto/sha1.h:24:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void SHA1Transform(u_int32_t state[5], unsigned char buffer[SHA1_BLOCK_LENGTH]); data/hercules-3.13/crypto/sha1.h:26:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void SHA1Final(unsigned char digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context); data/hercules-3.13/crypto/sha256.c:50:9: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define bcopy(_src,_dest,_len) memcpy(_dest,_src,_len) data/hercules-3.13/crypto/sha256.c:50:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
#define bcopy(_src,_dest,_len) memcpy(_dest,_src,_len) data/hercules-3.13/crypto/sha256.c:239:2: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(sha256_initial_hash_value, context->state, SHA256_DIGEST_LENGTH); data/hercules-3.13/crypto/sha256.c:424:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(data, &context->buffer[usedspace], freespace); data/hercules-3.13/crypto/sha256.c:431:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(data, &context->buffer[usedspace], len); data/hercules-3.13/crypto/sha256.c:447:3: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(data, context->buffer, len); data/hercules-3.13/crypto/sha256.c:492:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&context->buffer[SHA256_SHORT_BLOCK_LENGTH], &context->bitcount, sizeof(u_int64_t)); data/hercules-3.13/crypto/sha256.c:533:2: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(sha512_initial_hash_value, context->state, SHA512_DIGEST_LENGTH); data/hercules-3.13/crypto/sha256.c:718:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(data, &context->buffer[usedspace], freespace); data/hercules-3.13/crypto/sha256.c:725:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. bcopy(data, &context->buffer[usedspace], len); data/hercules-3.13/crypto/sha256.c:741:3: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(data, context->buffer, len); data/hercules-3.13/crypto/sha256.c:784:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&context->buffer[SHA512_SHORT_BLOCK_LENGTH], &context->bitcount[1], sizeof(u_int64_t)); data/hercules-3.13/crypto/sha256.c:785:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8], &context->bitcount[0], sizeof(u_int64_t)); data/hercules-3.13/crypto/sha256.c:821:2: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(sha384_initial_hash_value, context->state, SHA512_DIGEST_LENGTH); data/hercules-3.13/ctc_ctci.c:111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[32]; // CTCI_ReadThread data/hercules-3.13/ctc_ctci.c:173:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pDevCTCBLK, pWrkCTCBLK, sizeof( CTCBLK ) ); data/hercules-3.13/ctc_ctci.c:193:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pDevCTCBLK->sMTU = atoi( pDevCTCBLK->szMTU ); data/hercules-3.13/ctc_ctci.c:501:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->sense, iNum ); data/hercules-3.13/ctc_ctci.c:526:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->devid, iNum ); data/hercules-3.13/ctc_ctci.c:726:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pCTCBLK->bFrameBuffer, iLength ); data/hercules-3.13/ctc_ctci.c:1093:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pSegment->bData, pData, iSize ); data/hercules-3.13/ctc_ctci.c:1128:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( pCTCBLK->szMTU, "1500" ); data/hercules-3.13/ctc_ctci.c:1129:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( pCTCBLK->szNetMask, "255.255.255.255" ); data/hercules-3.13/ctc_ctci.c:1252:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iKernBuff = atoi( optarg ); data/hercules-3.13/ctc_ctci.c:1266:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iIOBuff = atoi( optarg ); data/hercules-3.13/ctc_ctci.c:1281:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iMTU = atoi( optarg ); data/hercules-3.13/ctc_ctci.c:1399:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iMTU = atoi( *argv ); data/hercules-3.13/ctc_ctci.c:1509:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iKernBuff = atoi( *argv ); data/hercules-3.13/ctc_ctci.c:1526:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iIOBuff = atoi( *argv ); data/hercules-3.13/ctc_lcs.c:125:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &(reply), (pCmdFrame), sizeof( LCSCMDHDR )); \ data/hercules-3.13/ctc_lcs.c:567:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->sense, iNum ); data/hercules-3.13/ctc_lcs.c:592:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->devid, iNum ); data/hercules-3.13/ctc_lcs.c:906:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pLCSDEV->bFrameBuffer, iLength ); data/hercules-3.13/ctc_lcs.c:1556:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pPortMAC, pIFaceMAC, IFHWADDRLEN ); data/hercules-3.13/ctc_lcs.c:1563:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( reply.MAC_Address, pIFaceMAC, IFHWADDRLEN ); data/hercules-3.13/ctc_lcs.c:1955:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pLCSEthFrame->bData, pData, iSize ); data/hercules-3.13/ctc_lcs.c:2004:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( pReplyCmdFrame, pReply, iSize ); data/hercules-3.13/ctc_lcs.c:2131:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iKernBuff = atoi( optarg ); data/hercules-3.13/ctc_lcs.c:2145:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iIOBuff = atoi( optarg ); data/hercules-3.13/ctc_lcs.c:2224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szBuff[255]; data/hercules-3.13/ctc_lcs.c:2248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; // pszOATName in host path format data/hercules-3.13/ctc_lcs.c:2252:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen( pathname, "r" ); data/hercules-3.13/ctcadpt.c:188:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *CTCE_CmdStr[16] = { data/hercules-3.13/ctcadpt.c:301:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *CTCE_StaStr[8] = {"P", "C", "R", "W", "A", "N", "X", "I"}; data/hercules-3.13/ctcadpt.c:907:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->sense, iNum ); data/hercules-3.13/ctcadpt.c:932:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->devid, iNum ); data/hercules-3.13/ctcadpt.c:960:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; // Thread name data/hercules-3.13/ctcadpt.c:973:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char address[20]=""; // temp space for IP address data/hercules-3.13/ctcadpt.c:1011:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ipaddr, hp->h_addr, hp->h_length ); data/hercules-3.13/ctcadpt.c:1147:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( arg, &parm, sizeof( parm ) ); data/hercules-3.13/ctcadpt.c:1408:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pSegment->bData, pDEVBLK->buf, iLength ); data/hercules-3.13/ctcadpt.c:1443:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/hercules-3.13/ctcadpt.c:1593:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dev->filename, "vmnet"); data/hercules-3.13/ctcadpt.c:1876:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[20]=""; // temp space for IP address data/hercules-3.13/ctcadpt.c:2109:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( pIOBuf, pDEVBLK->sense, iNum ); data/hercules-3.13/ctcadpt.c:2123:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->devid, iNum ); data/hercules-3.13/ctcadpt.c:2196:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; // Thread name data/hercules-3.13/ctcadpt.c:2208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[20]=""; // temp space for IP address data/hercules-3.13/ctcadpt.c:2276:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &dev->ctce_ipaddr, hp->h_addr, hp->h_length ); data/hercules-3.13/ctcadpt.c:2395:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( arg, &parm, sizeof( parm ) ); data/hercules-3.13/ctcadpt.c:2456:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/hercules-3.13/ctcadpt.c:2577:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( pDEVBLK->buf + sizeof(CTCE_SOKPFX), pIOBuf, sCount ); data/hercules-3.13/ctcadpt.c:2740:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pIOBuf, pDEVBLK->buf + sizeof(CTCE_SOKPFX) + sizeof(pSokBuf->sCount), data/hercules-3.13/ctcadpt.c:2940:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pDEVBLK->buf + sizeof(CTCE_SOKPFX) + sizeof(pSokBuf->sCount) , data/hercules-3.13/ctcadpt.c:3168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work[((sizeof(MAC)*3)-0)]; data/hercules-3.13/ctcadpt.c:3220:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char print_chars[17]; data/hercules-3.13/ctcadpt.c:3302:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *CTCE_XfrStr[3] = { data/hercules-3.13/ctcadpt.c:3311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ctce_state_l_xy[2]; // CTCE X+Y states, left data/hercules-3.13/ctcadpt.c:3312:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctce_state_r_xy[2]; // CTCE X+Y stares, right data/hercules-3.13/ctcadpt.c:3313:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctce_trace_stat[16]; // to contain " Stat=.. CC=." data/hercules-3.13/ctcadpt.c:3314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctce_trace_xtra[256]; // to contain extra info when tracing data/hercules-3.13/ctcadpt.c:3315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctce_trace_xtra_temp[256]; // temporary work area for the above data/hercules-3.13/ctcadpt.h:270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char szGuestIPAddr[32]; // IP Address (Guest OS) data/hercules-3.13/ctcadpt.h:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szDriveIPAddr[32]; // IP Address (Driver) data/hercules-3.13/ctcadpt.h:272:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szNetMask[32]; // Netmask for P2P link data/hercules-3.13/ctcadpt.h:273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szMTU[32]; data/hercules-3.13/ctcadpt.h:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTUNCharName[256]; // TUN/TAP char filename data/hercules-3.13/ctcadpt.h:275:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTUNDevName[IFNAMSIZ]; // Network Device Name data/hercules-3.13/ctcadpt.h:276:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szMACAddress[32]; // MAC Address data/hercules-3.13/ctcadpt.h:434:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szNetDevName[IFNAMSIZ]; // Network Device Name data/hercules-3.13/ctcadpt.h:435:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szMACAddress[32]; // MAC Address data/hercules-3.13/ctcadpt.h:436:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szGWAddress[32]; // Gateway for W32 data/hercules-3.13/ctcadpt.h:475:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSerialNumber[13]; data/hercules-3.13/dasdcat.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char card[81]; data/hercules-3.13/dasdcat.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memname[9]; data/hercules-3.13/dasdcat.c:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memname_lc[9]; data/hercules-3.13/dasdcat.c:136:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(memname_lc, memname, sizeof(memname)); data/hercules-3.13/dasdcat.c:223:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[100]; /* must fit max length DSNAME/MEMBER..OPTS */ data/hercules-3.13/dasdcat.c:224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dsname[45]; data/hercules-3.13/dasdconv.c:272:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdconv.c:388:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (itrkbuf, &h30trkhdr, H30CKD_TRKHDR_SIZE); data/hercules-3.13/dasdconv.c:397:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ((char *)volser, "(NONE)"); data/hercules-3.13/dasdconv.c:478:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdconv.c:509:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(devhdr.devid, "CKD_P370", 8); data/hercules-3.13/dasdconv.c:625:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (opos, kptr, klen); data/hercules-3.13/dasdconv.c:630:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (opos, dptr, dlen); data/hercules-3.13/dasdconv.c:637:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (opos, eighthexFF, 8); data/hercules-3.13/dasdconv.c:700:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sfname[260]; /* Suffixed name of this file*/ data/hercules-3.13/dasdconv.c:779:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sfname + i, "_1"); data/hercules-3.13/dasdconv.c:785:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (sfname, "_1"); data/hercules-3.13/dasdconv.c:828:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifname[256]; /* Input file name */ data/hercules-3.13/dasdconv.c:829:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ofname[256]; /* Output file name */ data/hercules-3.13/dasdcopy.c:71:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msgbuf[512]; /* Message buffer */ data/hercules-3.13/dasdcopy.c:74:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdcopy.c:75:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgmpath[MAX_PATH]; /* prog path in host format */ data/hercules-3.13/dasdcopy.c:139:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (argc < 2 || (cyls = atoi(argv[1])) < 0) data/hercules-3.13/dasdcopy.c:146:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (argc < 2 || (blks = atoi(argv[1])) < 0) data/hercules-3.13/dasdcopy.c:496:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pos, eighthexFF, 8); data/hercules-3.13/dasdcopy.c:507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char usage[8192]; data/hercules-3.13/dasdinit.c:146:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[1024]; /* File name */ data/hercules-3.13/dasdinit.c:147:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volser[7]; /* Volume serial number */ data/hercules-3.13/dasdisup.c:106:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* ofname in host path format*/ data/hercules-3.13/dasdisup.c:112:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (ofname, ".mac"); data/hercules-3.13/dasdisup.c:116:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
ofp = fopen (pathname, "w"); data/hercules-3.13/dasdisup.c:231:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memnama[9]; /* Member name (ASCIIZ) */ data/hercules-3.13/dasdisup.c:323:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (memtab[n].memname, dirent->pds2name, 8); data/hercules-3.13/dasdisup.c:324:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (memtab[n].ttrtext, dirent->pds2usrd + 0, 3); data/hercules-3.13/dasdisup.c:398:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memnama[9]; /* Member name (ASCIIZ) */ data/hercules-3.13/dasdisup.c:402:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refnama[9]; /* Referred name (ASCIIZ) */ data/hercules-3.13/dasdisup.c:534:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (refname, prefix, 3); data/hercules-3.13/dasdisup.c:535:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (refname + 3, svcnum, 3); data/hercules-3.13/dasdisup.c:536:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (refname + 6, blkptr+xctloff, 2); data/hercules-3.13/dasdisup.c:577:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (blkptr+xctloff+2, memtab[i].ttrtext, 3); data/hercules-3.13/dasdload.c:196:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[8]; /* Name of dsorg */ data/hercules-3.13/dasdload.c:199:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (name, "IS"); data/hercules-3.13/dasdload.c:201:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (name, "PS"); data/hercules-3.13/dasdload.c:203:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (name, "DA"); data/hercules-3.13/dasdload.c:205:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (name, "PO"); data/hercules-3.13/dasdload.c:218:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[8]; /* Name of record format */ data/hercules-3.13/dasdload.c:228:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (name,"??"); data/hercules-3.13/dasdload.c:374:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* iplfnm in host path format*/ data/hercules-3.13/dasdload.c:444:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iplbuf + txtadr, objrec+16, txtlen); data/hercules-3.13/dasdload.c:497:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (trkbuf + *usedv, eighthexFF, 8); data/hercules-3.13/dasdload.c:530:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cif->trkbuf + *usedv, eighthexFF, 8); data/hercules-3.13/dasdload.c:664:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (cif->trkbuf + *usedv, blk->kdarea, keylen + datalen); data/hercules-3.13/dasdload.c:711:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ipl2data + 32, "\x00\x00\x00\x00\x00\x01", 6); data/hercules-3.13/dasdload.c:712:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ipl2data + 38, "\x00\x00\x00\x01\x01", 5); data/hercules-3.13/dasdload.c:732:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk->kdarea+4, iplpsw, 8); data/hercules-3.13/dasdload.c:733:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk->kdarea+12, iplccw1, 8); data/hercules-3.13/dasdload.c:734:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk->kdarea+20, iplccw2, 8); data/hercules-3.13/dasdload.c:738:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk->kdarea+4, noiplpsw, 8); data/hercules-3.13/dasdload.c:739:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk->kdarea+12, noiplccw1, 8); data/hercules-3.13/dasdload.c:740:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (datablk->kdarea+20, noiplccw2, 8); data/hercules-3.13/dasdload.c:759:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk->kdarea+4, ipl2data, sizeof(ipl2data)); data/hercules-3.13/dasdload.c:860:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&trkhdr, cif->trkbuf, CKDDASD_TRKHDR_SIZE); data/hercules-3.13/dasdload.c:882:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&rechdr, cif->trkbuf + offset, CKDDASD_RECHDR_SIZE); data/hercules-3.13/dasdload.c:916:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cif->trkbuf + offset, blk->kdarea, keylen + datalen); data/hercules-3.13/dasdload.c:1272:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dsnama[45]; /* Dataset name (ASCIIZ) */ data/hercules-3.13/dasdload.c:1546:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hex[17]; /* Character work areas */ data/hercules-3.13/dasdload.c:1619:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(hex+2*j, "%2.2X", xbuf[bufpos+offset+i]); data/hercules-3.13/dasdload.c:1858:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tuutiln[9]; /* Utility name */ data/hercules-3.13/dasdload.c:1867:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tudsnam[45]; /* Data set name */ data/hercules-3.13/dasdload.c:1915:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (tudsorg, fieldptr[0], fieldlen[0]); data/hercules-3.13/dasdload.c:1920:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (turecfm, fieldptr[0], fieldlen[0]); data/hercules-3.13/dasdload.c:2171:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memname[9]; /* Member name (ASCIIZ) */ data/hercules-3.13/dasdload.c:2173:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hex[49]; /* Character work areas */ data/hercules-3.13/dasdload.c:2202:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (blkp, xbuf, blklen); data/hercules-3.13/dasdload.c:2279:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex+2*j, "%2.2X", dirent->pds2usrd[i]); data/hercules-3.13/dasdload.c:2327:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ttrptr, ttrtab[i].outpttr, 3); data/hercules-3.13/dasdload.c:2413:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&trkhdr, cif->trkbuf, CKDDASD_TRKHDR_SIZE); data/hercules-3.13/dasdload.c:2435:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&rechdr, cif->trkbuf + offset, CKDDASD_RECHDR_SIZE); data/hercules-3.13/dasdload.c:2473:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&notelist, cif->trkbuf + offset, nllen); data/hercules-3.13/dasdload.c:2485:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cif->trkbuf + offset, &notelist, nllen); data/hercules-3.13/dasdload.c:2537:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memname[9]; /* Member name (ASCIIZ) */ data/hercules-3.13/dasdload.c:2647:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xrecname[8]; /* XMIT control record name */ data/hercules-3.13/dasdload.c:2684:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* xfname in host path format*/ data/hercules-3.13/dasdload.c:3022:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *sys1name[NUM_SYS1_DATASETS] = data/hercules-3.13/dasdload.c:3047:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk.kdarea, eighthexFF, 8); data/hercules-3.13/dasdload.c:3056:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (catent->pds2name, cvol_low_key, 8); data/hercules-3.13/dasdload.c:3104:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (catent->pds2name, eighthexFF, 8); data/hercules-3.13/dasdload.c:3134:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk.kdarea, eighthexFF, 8); data/hercules-3.13/dasdload.c:3143:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (catent->pds2name, cvol_low_key, 8); data/hercules-3.13/dasdload.c:3213:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (catent->pds2name, eighthexFF, 8); data/hercules-3.13/dasdload.c:3472:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* sfname in host path format*/ data/hercules-3.13/dasdload.c:3697:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dataptr, recptr, reclen); data/hercules-3.13/dasdload.c:3741:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xrecname[8]; /* XMIT control record name */ data/hercules-3.13/dasdload.c:3762:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pathname[MAX_PATH]; /* xfname in host path format*/ data/hercules-3.13/dasdload.c:3976:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* tfname in host path format*/ data/hercules-3.13/dasdload.c:4009:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tfp = fopen(pathname, "r"); data/hercules-3.13/dasdload.c:4197:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk.kdarea, eighthexFF, 8); data/hercules-3.13/dasdload.c:4200:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (datablk.kdarea + keylen + 2, eighthexFF, 8); data/hercules-3.13/dasdload.c:4637:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dsname[45]; /* Dataset name (ASCIIZ) */ data/hercules-3.13/dasdload.c:4649:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char stmt[256]; /* Control file statement */ data/hercules-3.13/dasdload.c:4938:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cif->trkbuf + offset, volvtoc, sizeof(volvtoc)); data/hercules-3.13/dasdload.c:4980:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stmt[256]; /* Control file statement */ data/hercules-3.13/dasdload.c:4985:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* cfname in host path format*/ data/hercules-3.13/dasdload.c:5037:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cfp = fopen (pathname, "r"); data/hercules-3.13/dasdls.c:233:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dsname[sizeof(f1dscb->ds1dsnam) + 1]; data/hercules-3.13/dasdls.c:234:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char txtrecfm[5] = ""; /* recfm text */ data/hercules-3.13/dasdls.c:387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volser[7]; data/hercules-3.13/dasdls.c:474:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dsnlen = atoi(fn+6); runflgs |= rf_info; continue; data/hercules-3.13/dasdls.c:482:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). yroffs = atoi(fn+8); runflgs |= rf_info; continue; data/hercules-3.13/dasdpdsu.c:53:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ofname[256]; /* Output file name */ data/hercules-3.13/dasdpdsu.c:55:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[81]; /* Logical record (ASCIIZ) */ data/hercules-3.13/dasdpdsu.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* ofname in host format */ data/hercules-3.13/dasdpdsu.c:62:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (ofname, ".mac"); data/hercules-3.13/dasdpdsu.c:66:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ofp = fopen (pathname, (asciiflag? "w" : "wb")); data/hercules-3.13/dasdpdsu.c:170:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memname[9]; /* Member name (ASCIIZ) */ data/hercules-3.13/dasdpdsu.c:229:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dsnama[45]; /* Dataset name (ASCIIZ) */ data/hercules-3.13/dasdseq.c:104:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char volser[sizeof(f1dscb->ds1dssn) + 1]; data/hercules-3.13/dasdseq.c:105:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dsn[sizeof(f1dscb->ds1dsnam) + 1]; data/hercules-3.13/dasdseq.c:106:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtcredt[9]; // creation date data/hercules-3.13/dasdseq.c:107:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtexpdt[9] = "(n/a)"; // expiration date data/hercules-3.13/dasdseq.c:108:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtscr[20]; data/hercules-3.13/dasdseq.c:109:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtsyscd[14]; data/hercules-3.13/dasdseq.c:110:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtdsorg[5] = ""; // dsorg text data/hercules-3.13/dasdseq.c:111:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtrecfm[5] = ""; // recfm text data/hercules-3.13/dasdseq.c:124:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(txtcredt, "%4.4d", x); data/hercules-3.13/dasdseq.c:126:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(txtscr, "%3.3d", y); data/hercules-3.13/dasdseq.c:131:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(txtexpdt, "%4.4d", x); data/hercules-3.13/dasdseq.c:133:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(txtscr, ".%3.3d", y); data/hercules-3.13/dasdseq.c:142:49: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (dsorg & (DSORG_IS * 256)) strcpy(txtdsorg, "IS"); data/hercules-3.13/dasdseq.c:143:49: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (dsorg & (DSORG_PS * 256)) strcpy(txtdsorg, "PS"); data/hercules-3.13/dasdseq.c:144:49: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (dsorg & (DSORG_DA * 256)) strcpy(txtdsorg, "DA"); data/hercules-3.13/dasdseq.c:145:49: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (dsorg & (DSORG_PO * 256)) strcpy(txtdsorg, "PO"); data/hercules-3.13/dasdseq.c:146:49: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (dsorg & DSORG_AM) strcpy(txtdsorg, "VS"); data/hercules-3.13/dasdseq.c:147:49: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (txtdsorg[0] == '\0') strcpy(txtdsorg, "??"); data/hercules-3.13/dasdseq.c:239:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zdsn[sizeof(f1dscb->ds1dsnam) + 1]; // ascii dsn data/hercules-3.13/dasdseq.c:571:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) lrecl = atoi(*argv++); // lrecl value data/hercules-3.13/dasdseq.c:578:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) heads = atoi(*argv++); // heads value data/hercules-3.13/dasdseq.c:587:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) abscyl = atoi(*argv++); // abs cc data/hercules-3.13/dasdseq.c:588:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) abshead = atoi(*argv++); // abs hh data/hercules-3.13/dasdseq.c:589:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) abstrk = atoi(*argv++); // abs tracks data/hercules-3.13/dasdseq.c:624:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) local_verbose = atoi(*argv++); data/hercules-3.13/dasdseq.c:625:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (*argv) copy_verbose = atoi(*argv++); data/hercules-3.13/dasdseq.c:627:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). util_verbose = atoi(*argv++); data/hercules-3.13/dasdseq.c:686:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)glbuf, plabel, sizeof(DASD_VOL_LABEL)); data/hercules-3.13/dasdseq.c:728:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vtockey[sizeof(f4dscb->ds4keyid)]; data/hercules-3.13/dasdseq.c:762:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) &f4dscb->ds4keyid, f4key, f4kl); // copy F4 key into buffer data/hercules-3.13/dasdseq.c:763:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy((void *) &f4dscb->ds4fmtid, f4data, f4dl); // copy F4 data into buffer data/hercules-3.13/dasdseq.c:764:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) vtocx, (void *)&f4dscb->ds4vtoce, data/hercules-3.13/dasdseq.c:833:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zdsn[sizeof(f1dscb->ds1dsnam) + 1]; // zASCII dsn data/hercules-3.13/dasdseq.c:878:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) &f1dscb->ds1dsnam, data/hercules-3.13/dasdseq.c:880:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) &f1dscb->ds1fmtid, data/hercules-3.13/dasdseq.c:969:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) &f3dscb->ds3keyid, data/hercules-3.13/dasdseq.c:971:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) ((BYTE*)f3dscb + f3kl), data/hercules-3.13/dasdseq.c:1049:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f1x, &dadsm->f1buf.ds1ext1, sizeof(DSXTENT) * 3); data/hercules-3.13/dasdseq.c:1073:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(f1x, &dadsm->f3buf.ds3extnt[0], sizeof(DSXTENT) * 4); data/hercules-3.13/dasdseq.c:1081:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f1x, &dadsm->f3buf.ds3adext[0], sizeof(DSXTENT) * 9); data/hercules-3.13/dasdseq.c:1098:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; data/hercules-3.13/dasdseq.c:1155:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(pathname, (tran_ascii) ? "wb" : "w"); data/hercules-3.13/dasdtab.c:444:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ((char *)&buf[4], " %4.4X0%2.2XHRCZZ000000000001", data/hercules-3.13/dasdtab.c:452:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ((char *)&buf[36], " %4.4X0%2.2XHRCZZ000000000001", data/hercules-3.13/dasdtab.c:460:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ((char *)&buf[68], " %4.4X0%2.2XHRCZZ000000000001", data/hercules-3.13/dasdtab.c:469:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf ((char *)&buf[100], " %4.4X HRCZZ000000000001", data/hercules-3.13/dasdtab.c:499:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, buf, count); data/hercules-3.13/dasdtab.c:529:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, buf, count); data/hercules-3.13/dasdutil.c:112:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char print_chars[17]; data/hercules-3.13/dasdutil.c:113:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hex_chars[64]; data/hercules-3.13/dasdutil.c:114:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prev_hex[64] = ""; data/hercules-3.13/dasdutil.c:165:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex_chars+xi, "%2.2X", c); data/hercules-3.13/dasdutil.c:514:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2]; /* Arguments to */ data/hercules-3.13/dasdutil.c:516:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sfxname[FILENAME_MAX*2];/* Suffixed file name */ data/hercules-3.13/dasdutil.c:517:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typname[64]; data/hercules-3.13/dasdutil.c:518:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdutil.c:570:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sfxname + i, "_1"); data/hercules-3.13/dasdutil.c:578:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (sfxname, "_1"); data/hercules-3.13/dasdutil.c:751:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2]; /* Arguments to */ data/hercules-3.13/dasdutil.c:854:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volser[7]; /* Volume serial (ASCIIZ) */ data/hercules-3.13/dasdutil.c:1165:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdutil.c:1217:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(devhdr.devid, "CKD_P370", 8); data/hercules-3.13/dasdutil.c:1219:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(devhdr.devid, "CKD_C370", 8); data/hercules-3.13/dasdutil.c:1365:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pos, iplpsw, 8); data/hercules-3.13/dasdutil.c:1366:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (pos+8, iplccw1, 8); data/hercules-3.13/dasdutil.c:1367:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pos+16, iplccw2, 8); data/hercules-3.13/dasdutil.c:1570:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pos, eighthexFF, 8); data/hercules-3.13/dasdutil.c:1705:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sfname[FILENAME_MAX]; /* Suffixed name of this file*/ data/hercules-3.13/dasdutil.c:1784:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sfname + i, "_1"); data/hercules-3.13/dasdutil.c:1792:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (sfname, "_1"); data/hercules-3.13/dasdutil.c:1854:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdutil.c:2007:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dasdutil.c:2044:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&devhdr.devid, "FBA_C370", 8); data/hercules-3.13/decNumber/decNumber.c:2263:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "Infinity"); data/hercules-3.13/decNumber/decNumber.c:2270:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "NaN"); data/hercules-3.13/decNumber/decimal128.c:384:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "Infinity"); data/hercules-3.13/decNumber/decimal128.c:388:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "NaN"); // complete word data/hercules-3.13/decNumber/decimal128.c:410:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
if (c!=cstart) {memcpy(c, u+1, 4); c+=3;} \ data/hercules-3.13/decNumber/decimal128.c:411:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. else if (*u) {memcpy(c, u+4-*u, 4); c+=*u;} data/hercules-3.13/decNumber/decimal128.c:473:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c, u+4-*u, 4); // copy fixed 4 characters [is safe] data/hercules-3.13/decNumber/decimal128.c:481:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c, u+1, 4); // copy fixed 3+1 characters [is safe] data/hercules-3.13/decNumber/decimal128.c:540:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[DECIMAL128_Bytes*2+1]; data/hercules-3.13/decNumber/decimal128.c:546:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&buf[j], "%02x", d128->bytes[15-i]); data/hercules-3.13/decNumber/decimal128.c:556:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&buf[j], "%02x", d128->bytes[i]); data/hercules-3.13/decNumber/decimal32.c:330:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(c, "Infinity"); data/hercules-3.13/decNumber/decimal32.c:334:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "NaN"); // complete word data/hercules-3.13/decNumber/decimal32.c:355:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (c!=cstart) {memcpy(c, u+1, 4); c+=3;} \ data/hercules-3.13/decNumber/decimal32.c:356:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. else if (*u) {memcpy(c, u+4-*u, 4); c+=*u;} data/hercules-3.13/decNumber/decimal32.c:400:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c, u+4-*u, 4); // copy fixed 4 characters [is safe] data/hercules-3.13/decNumber/decimal32.c:458:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[DECIMAL32_Bytes*2+1]; data/hercules-3.13/decNumber/decimal32.c:464:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&buf[j], "%02x", d32->bytes[3-i]); data/hercules-3.13/decNumber/decimal32.c:473:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(&buf[j], "%02x", d32->bytes[i]); data/hercules-3.13/decNumber/decimal64.c:384:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "Infinity"); data/hercules-3.13/decNumber/decimal64.c:388:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c, "NaN"); // complete word data/hercules-3.13/decNumber/decimal64.c:409:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (c!=cstart) {memcpy(c, u+1, 4); c+=3;} \ data/hercules-3.13/decNumber/decimal64.c:410:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. else if (*u) {memcpy(c, u+4-*u, 4); c+=*u;} data/hercules-3.13/decNumber/decimal64.c:460:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c, u+4-*u, 4); // copy fixed 4 characters [is safe] data/hercules-3.13/decNumber/decimal64.c:519:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[DECIMAL64_Bytes*2+1]; data/hercules-3.13/decNumber/decimal64.c:525:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(&buf[j], "%02x", d64->bytes[7-i]); data/hercules-3.13/decNumber/decimal64.c:534:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&buf[j], "%02x", d64->bytes[i]); data/hercules-3.13/decimal.c:225:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (result, data/hercules-3.13/decimal.c:446:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (rem, dec1, MAX_DECIMAL_DIGITS); data/hercules-3.13/decimal.c:723:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dec3, dec1, MAX_DECIMAL_DIGITS); data/hercules-3.13/decimal.c:730:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dec3, dec2, MAX_DECIMAL_DIGITS); data/hercules-3.13/decimal.c:1277:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dec3, dec1, MAX_DECIMAL_DIGITS); data/hercules-3.13/decimal.c:1284:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dec3, dec2, MAX_DECIMAL_DIGITS); data/hercules-3.13/dfp.c:488:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char zoned[32]; /* Zoned decimal work area */ data/hercules-3.13/dfp.c:655:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zd[MAXDECSTRLEN+64]; /* Zoned decimal work area */ data/hercules-3.13/dfp.c:828:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[32]; /* Zoned decimal work area */ data/hercules-3.13/dfp.c:874:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[32]; /* Zoned decimal work area */ data/hercules-3.13/dfp.c:909:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[32]; /* Zoned decimal work area */ data/hercules-3.13/dfp.c:1264:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zwork[1+CXZT_MAXLEN+1]; /* Sign + digits + null */ data/hercules-3.13/dfp.c:1332:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zwork[MAXDECSTRLEN+64]; /* Decimal string work area */ data/hercules-3.13/dfp.c:2544:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[CXZT_MAXLEN]; /* Zoned decimal operand */ data/hercules-3.13/dfp.c:2594:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[CDZT_MAXLEN]; /* Zoned decimal operand */ data/hercules-3.13/dfp.c:3219:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[CZXT_MAXLEN]; /* Zoned decimal result */ data/hercules-3.13/dfp.c:3270:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoned[CZDT_MAXLEN]; /* Zoned decimal result */ data/hercules-3.13/diagmssf.c:522:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(partinfo->partname,physical,sizeof(physical)); data/hercules-3.13/diagmssf.c:647:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(partxinfo->partname,physical,sizeof(physical)); data/hercules-3.13/diagmssf.c:735:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p,diag224_cputable,sizeof(diag224_cputable)-1); data/hercules-3.13/diagnose.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32+1]; data/hercules-3.13/diagnose.c:55:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[64]; data/hercules-3.13/diagnose.c:103:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iplcmd[256]; data/hercules-3.13/dmap2hrc.c:34:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[4]; /* Type of device */ data/hercules-3.13/dmap2hrc.c:40:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[45]; /* name of file on disk */ data/hercules-3.13/dmap2hrc.c:45:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[50]; /* device filename */ data/hercules-3.13/dmap2hrc.c:62:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_type[5]; /* Device type to print */ data/hercules-3.13/dmap2hrc.c:65:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/dmap2hrc.c:187:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(output_type, "3270"); data/hercules-3.13/dmap2hrc.c:191:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(output_type, "3505"); data/hercules-3.13/dyngui.c:147:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &copyregs, regs, sysblk.regs_copy_len ); data/hercules-3.13/dyngui.c:158:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &copysieregs, regs->guestregs, sysblk.regs_copy_len ); data/hercules-3.13/dyngui.c:300:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pszCommandBuff, pszInputBuff, nCommandLen); data/hercules-3.13/dyngui.c:386:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_gregs = atoi(pszCommand+6); data/hercules-3.13/dyngui.c:392:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_gregs64 = atoi(pszCommand+8); data/hercules-3.13/dyngui.c:398:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_cregs = atoi(pszCommand+6); data/hercules-3.13/dyngui.c:404:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
gui_wants_cregs64 = atoi(pszCommand+8); data/hercules-3.13/dyngui.c:410:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_aregs = atoi(pszCommand+6); data/hercules-3.13/dyngui.c:416:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_fregs = atoi(pszCommand+6); data/hercules-3.13/dyngui.c:422:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_fregs64 = atoi(pszCommand+8); data/hercules-3.13/dyngui.c:428:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_devlist = atoi(pszCommand+8); data/hercules-3.13/dyngui.c:436:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
gui_wants_new_devlist = atoi(pszCommand+11); data/hercules-3.13/dyngui.c:466:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_cpupct = atoi(pszCommand+7); data/hercules-3.13/dyngui.c:471:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!(gui_wants_cpupct_all = atoi(pszCommand+10))) data/hercules-3.13/dyngui.c:477:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gui_wants_aggregates = atoi(pszCommand+10); data/hercules-3.13/dyngui.c:1635:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szQueryDeviceBuff[ MAX_DEVICEQUERY_LEN + 1 ]; // (always +1 for safety!) data/hercules-3.13/dyninst.c:182:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_table,save_table,sizeof(save_table)); data/hercules-3.13/dyninst.c:183:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(opcode_01xx,save_01xx,sizeof(save_01xx)); data/hercules-3.13/dyninst.c:185:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_a4xx,save_a4xx,sizeof(save_a4xx)); data/hercules-3.13/dyninst.c:187:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_a5xx,save_a5xx,sizeof(save_a5xx)); data/hercules-3.13/dyninst.c:188:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_a7xx,save_a7xx,sizeof(save_a7xx)); data/hercules-3.13/dyninst.c:189:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_b2xx,save_b2xx,sizeof(save_b2xx)); data/hercules-3.13/dyninst.c:190:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_b3xx,save_b3xx,sizeof(save_b3xx)); data/hercules-3.13/dyninst.c:191:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_b9xx,save_b9xx,sizeof(save_b9xx)); data/hercules-3.13/dyninst.c:192:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_c0xx,save_c0xx,sizeof(save_c0xx)); data/hercules-3.13/dyninst.c:193:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(opcode_c2xx,save_c2xx,sizeof(save_c2xx)); /*@Z9*/ data/hercules-3.13/dyninst.c:194:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_c4xx,save_c4xx,sizeof(save_c4xx)); /*208*/ data/hercules-3.13/dyninst.c:195:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_c6xx,save_c6xx,sizeof(save_c6xx)); /*208*/ data/hercules-3.13/dyninst.c:196:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_c8xx,save_c8xx,sizeof(save_c8xx)); data/hercules-3.13/dyninst.c:197:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_ccxx,save_ccxx,sizeof(save_ccxx)); /*810*/ data/hercules-3.13/dyninst.c:198:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_e3xx,save_e3xx,sizeof(save_e3xx)); data/hercules-3.13/dyninst.c:199:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_e5xx,save_e5xx,sizeof(save_e5xx)); data/hercules-3.13/dyninst.c:200:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_e6xx,save_e6xx,sizeof(save_e6xx)); data/hercules-3.13/dyninst.c:201:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(opcode_ebxx,save_ebxx,sizeof(save_ebxx)); data/hercules-3.13/dyninst.c:202:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_ecxx,save_ecxx,sizeof(save_ecxx)); data/hercules-3.13/dyninst.c:203:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opcode_edxx,save_edxx,sizeof(save_edxx)); data/hercules-3.13/dyninst.c:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/hercules-3.13/dyninst.c:238:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/hercules-3.13/dyninst.c:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/hercules-3.13/ecpsvm.c:2653:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nname[32]; data/hercules-3.13/ecpsvm.c:2745:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(ar,&ecpsvm_sastats,sizeof(ecpsvm_sastats)); data/hercules-3.13/ecpsvm.c:2754:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ar,&ecpsvm_cpstats,sizeof(ecpsvm_cpstats)); data/hercules-3.13/ecpsvm.c:2922:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lvl=atoi(av[1]); data/hercules-3.13/faketape.c:120:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/faketape.c:177:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sblklen[5]; /* work for converting hdr */ data/hercules-3.13/faketape.c:364:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sblklen[5]; /* work buffer */ data/hercules-3.13/fbadasd.c:69:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/fbadasd.c:398:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (buf) memcpy (buf + bufoff, dev->buf + off, len); data/hercules-3.13/fbadasd.c:695:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (buf) memcpy (dev->buf + off, buf, len); data/hercules-3.13/fbadasd.c:1180:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devchar, num); data/hercules-3.13/fbadasd.c:1263:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/fbadasd.c:1282:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/fillfnam.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[1024]; data/hercules-3.13/fillfnam.c:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; data/hercules-3.13/fillfnam.c:115:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(path,"\"./"); data/hercules-3.13/fillfnam.c:118:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(path,"./"); data/hercules-3.13/fillfnam.c:127:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullfilename[1+MAX_PATH+1]; data/hercules-3.13/general1.c:1176:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( tmp, op1, op_size ); data/hercules-3.13/general1.c:1208:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( tmp, op3, op_size ); data/hercules-3.13/general1.c:3148:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (regs->exinst, ip, 8); data/hercules-3.13/general1.c:3199:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (regs->exinst, ip, 8); data/hercules-3.13/general1.c:3206:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/hercules-3.13/general1.c:3208:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. n = sprintf (buf, "EXRL target ADDR="F_VADR" ", regs->ET); data/hercules-3.13/general1.c:3210:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. n = sprintf (buf, "EXRL ADDR="F_VADR" ", regs->ET); data/hercules-3.13/general1.c:3213:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. n += sprintf (buf+n, " INST=%2.2X%2.2X", ip[0], ip[1]); data/hercules-3.13/general1.c:3214:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (ilc > 2) n += sprintf (buf+n, "%2.2X%2.2X", ip[2], ip[3]); data/hercules-3.13/general1.c:3215:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (ilc > 4) n += sprintf (buf+n, "%2.2X%2.2X", ip[4], ip[5]); data/hercules-3.13/getopt.c:103:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char EMSG[1]; data/hercules-3.13/getopt.c:196:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
((char **) nargv)[pos] = nargv[cstart]; data/hercules-3.13/getopt.c:198:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char **)nargv)[cstart] = swap; data/hercules-3.13/hao.c:70:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ao_cmd[HAO_MAXRULE]; data/hercules-3.13/hao.c:71:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ao_tgt[HAO_MAXRULE]; data/hercules-3.13/hao.c:72:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ao_msgbuf[LOG_DEFSIZE+1]; /* (plus+1 for NULL termination) */ data/hercules-3.13/hao.c:136:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work[HAO_WKLEN]; data/hercules-3.13/hao.c:137:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work2[HAO_WKLEN]; data/hercules-3.13/hao.c:214:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work[HAO_WKLEN]; data/hercules-3.13/hao.c:599:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd + coff, str + soff, len); data/hercules-3.13/hao.c:612:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work[HAO_WKLEN]; data/hercules-3.13/hao.c:613:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[HAO_WKLEN]; data/hercules-3.13/hconsole.c:492:8: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static TCHAR g_szOriginalTitle[ MAX_WINDOW_TITLE_LEN ] = {0}; data/hercules-3.13/hconsole.c:496:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
TCHAR szNewTitleBuff [ MAX_WINDOW_TITLE_LEN ]; data/hercules-3.13/hconsole.c:895:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else *rows = atoi(env); data/hercules-3.13/hconsole.c:897:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else *cols = atoi(env); data/hercules-3.13/hconsole.c:916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kbbuf[16]; /* Keyboard i/p buffer */ data/hercules-3.13/hercifc.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szMsgBuffer[255]; data/hercules-3.13/hercifc.h:18:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifrn_name[IFNAMSIZ]; // (interface name) data/hercules-3.13/hercifc.h:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szIFName[IFNAMSIZ]; data/hercules-3.13/hercwind.h:25:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #pragma intrinsic( memset, memcmp, memcpy ) data/hercules-3.13/hercwind.h:77:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[FILENAME_MAX + 1]; data/hercules-3.13/hetget.c:165:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opts.lrecl = atoi( fmt.slds2.lrecl ); data/hercules-3.13/hetget.c:176:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opts.blksize = atoi( fmt.slds2.blksize ); data/hercules-3.13/hetget.c:182:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opts.blksize = atoi( fmt.slds2.lblkln ); data/hercules-3.13/hetget.c:694:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opts.fileno = atoi( argv[ optind + 2 ] ); data/hercules-3.13/hetget.c:763:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opts.lrecl = atoi( argv[ optind + 4 ] ); data/hercules-3.13/hetget.c:768:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opts.blksize = atoi( argv[ optind + 5 ] ); data/hercules-3.13/hetget.c:791:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; data/hercules-3.13/hetget.c:793:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outf = fopen( pathname, "wb" ); data/hercules-3.13/hetlib.c:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pathname[MAX_PATH]; data/hercules-3.13/hetlib.c:758:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[ HETMAX_BLOCKSIZE ]; data/hercules-3.13/hetlib.c:1217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[ ((((HETMAX_BLOCKSIZE * 1001) + 999) / 1000) + 12) ]; data/hercules-3.13/hetmap.c:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crtdt[ 9 ]; data/hercules-3.13/hetmap.c:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expdt[ 9 ]; data/hercules-3.13/hetmap.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char recfm[ 4 ]; data/hercules-3.13/hetmap.c:75:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi( fmt.slds1.dsseq ), data/hercules-3.13/hetmap.c:81:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi( fmt.slds1.blkhi ) * 1000000 + atoi( fmt.slds1.blklo ) ); data/hercules-3.13/hetmap.c:81:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi( fmt.slds1.blkhi ) * 1000000 + atoi( fmt.slds1.blklo ) ); data/hercules-3.13/hetmap.c:93:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi( fmt.slds2.lrecl ), data/hercules-3.13/hetmap.c:94:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi( fmt.slds2.blksize ) ); data/hercules-3.13/hetmap.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ HETMAX_BLOCKSIZE ]; data/hercules-3.13/hetmap.c:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgmpath[MAX_PATH]; data/hercules-3.13/hetupd.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ HETMAX_BLOCKSIZE ]; data/hercules-3.13/hetupd.c:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char toname[ PATH_MAX ]; data/hercules-3.13/hetupd.c:297:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). o_chunksize = atoi( optarg ); data/hercules-3.13/hmacros.h:23:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define open_tape open data/hercules-3.13/hmacros.h:95:33: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
  Make sure destination can always hold the source data.
  #define va_copy(to,from) memcpy((to),(from),sizeof(va_list))
data/hercules-3.13/hostinfo.c:70:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num_procs[16];
data/hercules-3.13/hostinfo.c:99:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host_info_str[256]; init_hostinfo( pHostInfo );
data/hercules-3.13/hostinfo.h:29:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sysname[20];
data/hercules-3.13/hostinfo.h:30:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nodename[20];
data/hercules-3.13/hostinfo.h:31:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char release[20];
data/hercules-3.13/hostinfo.h:32:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[50];
data/hercules-3.13/hostinfo.h:33:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char machine[20];
data/hercules-3.13/hsccmd.c:154:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strncasecmp(argv[1], "p=",2) == 0) test_p = atoi( &argv[1][2] );
data/hercules-3.13/hsccmd.c:155:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strncasecmp(argv[1], "n=",2) == 0) test_n = atoi( &argv[1][2] );
data/hercules-3.13/hsccmd.c:161:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strncasecmp(argv[2], "p=",2) == 0) test_p = atoi( &argv[2][2] );
data/hercules-3.13/hsccmd.c:162:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strncasecmp(argv[2], "n=",2) == 0) test_n = atoi( &argv[2][2] );
data/hercules-3.13/hsccmd.c:168:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strncasecmp(argv[3], "p=",2) == 0) test_p = atoi( &argv[3][2] );
data/hercules-3.13/hsccmd.c:169:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strncasecmp(argv[3], "n=",2) == 0) test_n = atoi( &argv[3][2] );
data/hercules-3.13/hsccmd.c:452:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  x = atoi(argv[1]);
data/hercules-3.13/hsccmd.c:614:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wbuf[150];
data/hercules-3.13/hsccmd.c:843:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wrk[16];
data/hercules-3.13/hsccmd.c:844:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sep[1];
data/hercules-3.13/hsccmd.c:851:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(wrk, "%c%d:%d", sep[0], i, dev->fcb[i]);
data/hercules-3.13/hsccmd.c:856:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, ",...");
data/hercules-3.13/hsccmd.c:1249:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%4d.%03d %02d:%02d:%02d.%06d",
data/hercules-3.13/hsccmd.c:1297:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clock_buf[30];
data/hercules-3.13/hsccmd.c:1315:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char itimer_formatted[20];
data/hercules-3.13/hsccmd.c:1354:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(itimer_formatted,"%02u:%02u:%02u.%06u",
data/hercules-3.13/hsccmd.c:1499:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tamdir[MAX_PATH+1]; /* +1 for optional '+' or '-' prefix */
data/hercules-3.13/hsccmd.c:1582:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cwd[ MAX_PATH ];
data/hercules-3.13/hsccmd.c:1616:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tamdir1[MAX_PATH+1] = {0}; // (resolved path)
data/hercules-3.13/hsccmd.c:1617:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tamdir2[MAX_PATH+1] = {0}; // (expanded but unresolved path)
data/hercules-3.13/hsccmd.c:1618:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workdir[MAX_PATH+1] = {0}; // (work)
data/hercules-3.13/hsccmd.c:1746:40: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cwd[ MAX_PATH ] = {0};
data/hercules-3.13/hsccmd.c:1844:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volname[7];
data/hercules-3.13/hsccmd.c:2584:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwd [ MAX_PATH ];
data/hercules-3.13/hsccmd.c:2607:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwd [ MAX_PATH ];
data/hercules-3.13/hsccmd.c:3219:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char range[256];
data/hercules-3.13/hsccmd.c:3283:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(range, "range %" I64_FMT "x%c%" I64_FMT "x",
data/hercules-3.13/hsccmd.c:3288:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(range, "range %" I64_FMT "x%c%" I64_FMT "x",
data/hercules-3.13/hsccmd.c:3925:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devnam[1024];
data/hercules-3.13/hsccmd.c:4358:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char flags[64+1]; int i;
data/hercules-3.13/hsccmd.c:5055:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname[MAX_PATH]; /* fname in host path format */
data/hercules-3.13/hsccmd.c:5184:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname[MAX_PATH]; /* file in host path format */
data/hercules-3.13/hsccmd.c:5260:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname[MAX_PATH];
data/hercules-3.13/hsccmd.c:5311:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open (pathname, O_RDONLY | O_BINARY)) < 0)
data/hercules-3.13/hsccmd.c:5340:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(regs->mainstor + aaddr + n, &buf[16], len);
data/hercules-3.13/hsccmd.c:5364:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sysid[12];
data/hercules-3.13/hsccmd.c:5583:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (sysid, "(none)");
data/hercules-3.13/hsccmd.c:5585:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (sysid, "local");
data/hercules-3.13/hsccmd.c:5587:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (sysid, "id=%d", dev->ioactive);
data/hercules-3.13/hsccmd.c:7431:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname[MAX_PATH]; /* (work) */
data/hercules-3.13/hsccmd.c:7447:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(scrfp = fopen(pathname, "r")))
data/hercules-3.13/hscmisc.c:430:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cpustr[10] = {0}; /* "CPU:nnnn " or "" */
data/hercules-3.13/hscmisc.c:433:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cpustr, "CPU%4.4X: ", regs->cpuad);
data/hercules-3.13/hscmisc.c:657:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newregs, regs, sysblk.regs_copy_len);
data/hercules-3.13/hscmisc.c:670:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hostregs, regs->hostregs, sysblk.regs_copy_len);
data/hercules-3.13/hscmisc.c:718:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(regs->hostregs->progjmp, regs->progjmp,
data/hercules-3.13/hscmisc.c:742:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hbuf[40]; /* Hexadecimal buffer */
data/hercules-3.13/hscmisc.c:753:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n = sprintf (buf, "R:"F_RADR":", raddr);
data/hercules-3.13/hscmisc.c:759:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, " Real address is not valid");
data/hercules-3.13/hscmisc.c:763:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "K:%2.2X=", STORAGE_KEY(aaddr, regs));
data/hercules-3.13/hscmisc.c:771:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  j += sprintf (hbuf+j, "%2.2X", c);
data/hercules-3.13/hscmisc.c:779:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "%36.36s %16.16s", hbuf, cbuf);
data/hercules-3.13/hscmisc.c:797:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n = sprintf (buf, "%c:"F_VADR":", ar == USE_REAL_ADDR ? 'R' : 'V',
data/hercules-3.13/hscmisc.c:806:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n," Translation exception %4.4hX",xcode);
data/hercules-3.13/hscmisc.c:830:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];
data/hercules-3.13/hscmisc.c:892:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inst, regs->mainstor + aaddr, ilc);
data/hercules-3.13/hscmisc.c:928:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100]; /* Message buffer */
data/hercules-3.13/hscmisc.c:983:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100]; /* Message buffer */
data/hercules-3.13/hscmisc.c:1041:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n = sprintf (buf, "V:"F_VADR" ", vaddr);
data/hercules-3.13/hscmisc.c:1043:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "(dat off)");
data/hercules-3.13/hscmisc.c:1045:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "(primary)");
data/hercules-3.13/hscmisc.c:1047:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "(secondary)");
data/hercules-3.13/hscmisc.c:1049:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "(home)");
data/hercules-3.13/hscmisc.c:1051:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "(AR%2.2d)", arn);
data/hercules-3.13/hscmisc.c:1076:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256]; /* Message buffer */
data/hercules-3.13/hscmisc.c:1105:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n=sprintf(buf,"CPU%4.4X: ",regs->cpuad);
data/hercules-3.13/hscmisc.c:1111:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n,
data/hercules-3.13/hscmisc.c:1116:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  n += sprintf (buf + n,
data/hercules-3.13/hscmisc.c:1140:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  n += sprintf (buf+n, "INST=%2.2X%2.2X", inst[0], inst[1]);
data/hercules-3.13/hscmisc.c:1141:23: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (ilc > 2) n += sprintf (buf+n, "%2.2X%2.2X", inst[2], inst[3]);
data/hercules-3.13/hscmisc.c:1142:23: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (ilc > 4) n += sprintf (buf+n, "%2.2X%2.2X", inst[4], inst[5]);
data/hercules-3.13/hscmisc.c:1462:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[4];
data/hercules-3.13/hscutl.c:421:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cursym[MAX_SYMBOL_SIZE+1];
data/hercules-3.13/hscutl.c:549:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&begtime,beg_timeval,sizeof(struct timeval));
data/hercules-3.13/hscutl.c:550:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&endtime,end_timeval,sizeof(struct timeval));
data/hercules-3.13/hscutl.c:737:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open(path, oflag, pmode);
data/hercules-3.13/hstructs.h:785:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[PATH_MAX+1]; /* filename (plus poss "|") */
data/hercules-3.13/hstructs.h:1158:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tapemsg1[9]; /* 1st Host Message */
data/hercules-3.13/hstructs.h:1159:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tapemsg2[9]; /* 2nd Host Message */
data/hercules-3.13/hstructs.h:1160:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tapesysmsg[32]; /* Unit Message (SYS)*/
data/hercules-3.13/hstructs.h:1429:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char CCKD_TRACE[128]; /* Trace table entry */
data/hercules-3.13/hstructs.h:1611:26: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BYTE open[CCKD_MAX_SF+1]; /* Open flag */
data/hercules-3.13/hstructs.h:1630:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szStatStrBuff1[GUI_STATSTR_BUFSIZ];
data/hercules-3.13/hstructs.h:1631:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szStatStrBuff2[GUI_STATSTR_BUFSIZ];
data/hercules-3.13/httpserv.c:65:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:66:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:72:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inclfile = fopen(fullname,"rb");
data/hercules-3.13/httpserv.c:336:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolved_path[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:419:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:420:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[80];
data/hercules-3.13/httpserv.c:423:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:468:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:528:38: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  content_length = atoi(pointer);
data/hercules-3.13/httpserv.c:592:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[80];
data/hercules-3.13/httpserv.c:607:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[80];
data/hercules-3.13/httpserv.c:647:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char process_dir[HTTP_PATH_LENGTH];
data/hercules-3.13/httpserv.c:661:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char absolute_httproot_path[HTTP_PATH_LENGTH];
data/hercules-3.13/io.c:247:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy (dev->pmcw.mbi, pmcw.mbi, sizeof(HWORD)); data/hercules-3.13/io.c:250:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->pmcw.intparm, pmcw.intparm, sizeof(FWORD)); data/hercules-3.13/loadparm.c:56:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, loadparm, sizeof(loadparm)); data/hercules-3.13/loadparm.c:62:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret_loadparm[sizeof(loadparm)+1]; data/hercules-3.13/loadparm.c:102:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, lparname, sizeof(lparname)); data/hercules-3.13/loadparm.c:109:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret_lparname[sizeof(lparname)+1]; data/hercules-3.13/loadparm.c:149:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, manufact, sizeof(manufact)); data/hercules-3.13/loadparm.c:176:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(dest, plant, sizeof(plant)); data/hercules-3.13/loadparm.c:206:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, model, sizeof(model)); data/hercules-3.13/loadparm.c:211:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, modelcapa, sizeof(modelcapa)); data/hercules-3.13/loadparm.c:216:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, modelperm, sizeof(modelperm)); data/hercules-3.13/loadparm.c:221:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, modeltemp, sizeof(modeltemp)); data/hercules-3.13/loadparm.c:239:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, systype, sizeof(systype)); data/hercules-3.13/loadparm.c:257:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, sysname, sizeof(sysname)); data/hercules-3.13/loadparm.c:275:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, sysplex, sizeof(sysplex)); data/hercules-3.13/loadparm.c:323:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( dest, &mpfactors[0], (MAX_CPU-1) * sizeof(U16) ); data/hercules-3.13/logger.c:53:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *msgbuf[2] = {NULL, NULL}, *tmpbuf = NULL; data/hercules-3.13/logger.c:212:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hhmmss[10]; data/hercules-3.13/logger.c:503:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logger_syslog[LOG_WRITE]=fopen("LOG","a"); data/hercules-3.13/logger.c:567:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; data/hercules-3.13/ltdl.c:166:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[2048]; data/hercules-3.13/ltdl.c:378:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
# define memcpy(dest, src, size) bcopy (src, dest, size) data/hercules-3.13/ltdl.c:378:37: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(dest, src, size) bcopy (src, dest, size) data/hercules-3.13/ltdl.c:380:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy rpl_memcpy data/hercules-3.13/ltdl.c:382:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. static lt_ptr memcpy LT_PARAMS((lt_ptr dest, const lt_ptr src, size_t size)); data/hercules-3.13/ltdl.c:385:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dest, src, size) data/hercules-3.13/ltdl.c:452:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_specification[LT_FILENAME_MAX]; data/hercules-3.13/ltdl.c:466:14: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(file_specification,"\\*.*"); data/hercules-3.13/ltdl.c:547:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (mem, ptr, size); data/hercules-3.13/ltdl.c:590:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy (argz + *pargz_len, buf, buf_len); data/hercules-3.13/ltdl.c:709:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (before, entry, entry_len); data/hercules-3.13/ltdl.c:1317:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char self_name_buf[MAX_PATH]; data/hercules-3.13/ltdl.c:1349:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wpath[MAX_PATH]; data/hercules-3.13/ltdl.c:1880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char saveError[256] = "Symbol not found"; data/hercules-3.13/ltdl.c:2741:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((*pfile = fopen (filename, LT_READTEXT_MODE))) data/hercules-3.13/ltdl.c:3195:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
file = fopen (filename, LT_READTEXT_MODE); data/hercules-3.13/ltdl.c:3845:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lsym[LT_SYMBOL_LENGTH]; data/hercules-3.13/ltdl.c:3897:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(sym, "_LTX_"); data/hercules-3.13/machdep.h:594:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&value, (BYTE *)ptr, 2); data/hercules-3.13/machdep.h:617:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((BYTE *)ptr, (BYTE *)&value, 2); data/hercules-3.13/machdep.h:640:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&value, (BYTE *)ptr, 4); data/hercules-3.13/machdep.h:663:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((BYTE *)ptr, (BYTE *)&value, 4); data/hercules-3.13/machdep.h:686:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&value, (BYTE *)ptr, 8); data/hercules-3.13/machdep.h:709:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy((BYTE *)ptr, (BYTE *)&value, 8); data/hercules-3.13/omatape.c:66:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/omatape.c:328:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/opcode.c:1418:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char operands[64] data/hercules-3.13/opcode.c:2463:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s370_opcode_table, s370_opcode_table, data/hercules-3.13/opcode.c:2469:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s370_opcode_a7xx, s370_opcode_a7xx, data/hercules-3.13/opcode.c:2471:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s370_opcode_b2xx, s370_opcode_b2xx, data/hercules-3.13/opcode.c:2473:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(regs->s370_opcode_b9xx, s370_opcode_b9xx, data/hercules-3.13/opcode.c:2475:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s370_opcode_c0xx, s370_opcode_c0xx, /*@N3*/ data/hercules-3.13/opcode.c:2477:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s370_opcode_e3xx, s370_opcode_e3xx, /*@N3*/ data/hercules-3.13/opcode.c:2479:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s370_opcode_ebxx, s370_opcode_ebxx, data/hercules-3.13/opcode.c:2499:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s390_opcode_table, s390_opcode_table, data/hercules-3.13/opcode.c:2506:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s390_opcode_a7xx, s390_opcode_a7xx, data/hercules-3.13/opcode.c:2508:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s390_opcode_b2xx, s390_opcode_b2xx, data/hercules-3.13/opcode.c:2510:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s390_opcode_b9xx, s390_opcode_b9xx, data/hercules-3.13/opcode.c:2512:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(regs->s390_opcode_c0xx, s390_opcode_c0xx, data/hercules-3.13/opcode.c:2514:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s390_opcode_e3xx, s390_opcode_e3xx, data/hercules-3.13/opcode.c:2516:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->s390_opcode_ebxx, s390_opcode_ebxx, data/hercules-3.13/opcode.c:2536:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->z900_opcode_table, z900_opcode_table, data/hercules-3.13/opcode.c:2541:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->z900_opcode_a7xx, z900_opcode_a7xx, data/hercules-3.13/opcode.c:2543:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->z900_opcode_b2xx, z900_opcode_b2xx, data/hercules-3.13/opcode.c:2545:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->z900_opcode_b9xx, z900_opcode_b9xx, data/hercules-3.13/opcode.c:2547:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->z900_opcode_c0xx, z900_opcode_c0xx, data/hercules-3.13/opcode.c:2549:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(regs->z900_opcode_e3xx, z900_opcode_e3xx, data/hercules-3.13/opcode.c:2551:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->z900_opcode_ebxx, z900_opcode_ebxx, data/hercules-3.13/opcode.h:285:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&sysblk.footprregs[(_regs)->cpuad][sysblk.footprptr[(_regs)->cpuad]++].inst,(_ip),6); \ data/hercules-3.13/opcode.h:1487:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&temp, (_inst), 4); \ data/hercules-3.13/opcode.h:1694:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&temp, (_inst), 4); \ data/hercules-3.13/panel.c:66:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPentered[256]; /* Data which was entered */ data/hercules-3.13/panel.c:67:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPprompt1[40]; /* Left bottom screen prompt */ data/hercules-3.13/panel.c:68:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPoldprompt1[40]; /* Left bottom screen prompt */ data/hercules-3.13/panel.c:69:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPprompt2[40]; /* Right bottom screen prompt*/ data/hercules-3.13/panel.c:70:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPoldprompt2[40]; /* Right bottom screen prompt*/ data/hercules-3.13/panel.c:105:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPpswstate[16]; data/hercules-3.13/panel.c:128:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char NPdevnam[NP_MAX_DEVICES][128]; data/hercules-3.13/panel.c:180:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char cmdline[CMD_SIZE+1]; /* Command line buffer */ data/hercules-3.13/panel.c:185:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char saved_cmdline[CMD_SIZE+1]; /* Saved command */ data/hercules-3.13/panel.c:246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MSG_SIZE]; /* text of panel message */ data/hercules-3.13/panel.c:310:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pk, p, sizeof(PANMSG) ); data/hercules-3.13/panel.c:859:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[9]; data/hercules-3.13/panel.c:860:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%8.8X", fw); data/hercules-3.13/panel.c:866:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[17]; data/hercules-3.13/panel.c:867:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (buf, "%16.16"I64_FMT"X", dw); data/hercules-3.13/panel.c:873:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PANEL_MAX_COLS+1]; data/hercules-3.13/panel.c:933:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/hercules-3.13/panel.c:1101:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%02X ", i); data/hercules-3.13/panel.c:1140:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int online, busy, open; data/hercules-3.13/panel.c:1142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devnam[128]; data/hercules-3.13/panel.c:1143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/hercules-3.13/panel.c:1182:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%4.4X:",regs->cpuad); data/hercules-3.13/panel.c:1193:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%3d", regs->cpupct); data/hercules-3.13/panel.c:1266:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (NPpsw, curpsw, sizeof(QWORD)); data/hercules-3.13/panel.c:1270:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%2d%c%c%c%c%c%c%c%c", data/hercules-3.13/panel.c:1496:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%3.1d.%2.2d", data/hercules-3.13/panel.c:1506:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%7d", sysblk.siosrate); data/hercules-3.13/panel.c:1582:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%4.4X", dev->devnum); data/hercules-3.13/panel.c:1589:65: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!NPdevices_valid || dev->devtype != NPdevtype[i] || open != NPopen[i]) data/hercules-3.13/panel.c:1592:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). set_color (open ? COLOR_LIGHT_GREEN : COLOR_LIGHT_GREY, COLOR_BLACK); data/hercules-3.13/panel.c:1593:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%4.4X", dev->devtype); data/hercules-3.13/panel.c:1596:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). NPopen[i] = open; data/hercules-3.13/panel.c:1605:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%-4.4s", devclass); data/hercules-3.13/panel.c:1754:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&copyregs, regs, sysblk.regs_copy_len); data/hercules-3.13/panel.c:1765:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&copysieregs, regs->guestregs, sysblk.regs_copy_len); data/hercules-3.13/panel.c:1782:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char obfr[32]; /* Enough for displaying 2^64-1 */ data/hercules-3.13/panel.c:1783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grps[7][4]; /* 7 groups of 3 digits */ data/hercules-3.13/panel.c:1795:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(grps[maxg],"%u",grp); data/hercules-3.13/panel.c:1799:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(grps[maxg],"%3.3u",grp); data/hercules-3.13/panel.c:1852:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[MSG_SIZE]; /* Message read buffer */ data/hercules-3.13/panel.c:1859:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; /* Buffer workarea */ data/hercules-3.13/panel.c:2104:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(NPprompt1, "Enter Address"); data/hercules-3.13/panel.c:2119:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt1, "Enter Data Value"); data/hercules-3.13/panel.c:2126:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt2, "Select Device for IPL"); data/hercules-3.13/panel.c:2136:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cmdline, "herc ipl %4.4x", NPdevnum[i]); data/hercules-3.13/panel.c:2145:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt2, "Select Device for Interrupt"); data/hercules-3.13/panel.c:2155:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cmdline, "herc i %4.4x", NPdevnum[i]); data/hercules-3.13/panel.c:2164:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt2, "Select Device to Reassign"); data/hercules-3.13/panel.c:2185:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt2, "New Name, or [enter] to Reload"); data/hercules-3.13/panel.c:2192:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt1, "Confirm Powerdown Y or N"); data/hercules-3.13/panel.c:2205:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt1, "Confirm Restart Y or N"); data/hercules-3.13/panel.c:2218:29: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(NPprompt1, "Confirm External Interrupt Y or N"); data/hercules-3.13/panel.c:2735:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( curmsg->msg, readbuf, MSG_SIZE ); data/hercules-3.13/panel.c:2924:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. len = sprintf (buf, "CPU%4.4X ", sysblk.pcpu); data/hercules-3.13/panel.c:2927:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ibuf[64]; data/hercules-3.13/panel.c:2928:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. len += sprintf(buf+len, "PSW=%8.8X%8.8X ", data/hercules-3.13/panel.c:2931:32: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. len += sprintf (buf+len, "%16.16"I64_FMT"X ", data/hercules-3.13/panel.c:2942:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. len += sprintf (buf+len, "%2d%c%c%c%c%c%c%c%c", data/hercules-3.13/pfpo.c:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/hercules-3.13/pfpo.c:116:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "-0."); data/hercules-3.13/pfpo.c:118:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "0."); data/hercules-3.13/pfpo.c:134:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(&f->str[strlen(f->str)], "%d", exp - 127); data/hercules-3.13/pfpo.c:200:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "-0."); data/hercules-3.13/pfpo.c:202:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "0."); data/hercules-3.13/pfpo.c:218:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%d", exp - 1023); data/hercules-3.13/pfpo.c:286:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "-0."); data/hercules-3.13/pfpo.c:288:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "0."); data/hercules-3.13/pfpo.c:313:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%d", exp - 16383); data/hercules-3.13/pfpo.c:446:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(f->str, "-0."); data/hercules-3.13/pfpo.c:448:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "0."); data/hercules-3.13/pfpo.c:452:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%02x", (r & mask) >> (16 - (i * 8))); data/hercules-3.13/pfpo.c:456:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%d", exp - 64); data/hercules-3.13/pfpo.c:487:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "-0."); data/hercules-3.13/pfpo.c:489:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "0."); data/hercules-3.13/pfpo.c:493:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%02"I64_FMT"x", (r & mask) >> (48 - (i * 8))); data/hercules-3.13/pfpo.c:497:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(&f->str[strlen(f->str)], "%d", exp - 64); data/hercules-3.13/pfpo.c:530:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "-0."); data/hercules-3.13/pfpo.c:532:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(f->str, "0."); data/hercules-3.13/pfpo.c:536:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%02"I64_FMT"x", (h & mask) >> (48 - (i * 8))); data/hercules-3.13/pfpo.c:542:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%02"I64_FMT"x", (l & mask) >> (48 - (i * 8))); data/hercules-3.13/pfpo.c:546:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&f->str[strlen(f->str)], "%d", exp - 64); data/hercules-3.13/printer.c:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wrk[16]; data/hercules-3.13/printer.c:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sep[1]; data/hercules-3.13/printer.c:189:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wrk, "%c%d:%d", sep[0], i, dev->fcb[i]); data/hercules-3.13/printer.c:194:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, ",..."); data/hercules-3.13/printer.c:230:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[32]; data/hercules-3.13/printer.c:679:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/printer.c:933:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hex[3]; /* for hex conversion */ data/hercules-3.13/printer.c:934:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbuf[150]; data/hercules-3.13/printer.c:986:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex,"%02x",code); data/hercules-3.13/printer.c:1080:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex,"%02x",code); data/hercules-3.13/printer.c:1126:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex,"%02x",code); data/hercules-3.13/printer.c:1131:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex,"%02x",iobuf[i]); data/hercules-3.13/printer.c:1381:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/printer.c:1400:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/pttrace.c:608:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[32]; // (result is 'int'; if 64-bits, 19 digits or more!) 
data/hercules-3.13/pttrace.c:609:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[256]; data/hercules-3.13/pttrace.c:630:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result, "%8.8x", pttrace[i].result); data/hercules-3.13/pttrace.c:632:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result, "%d", pttrace[i].result); data/hercules-3.13/qeth.c:44:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dev->devid, sense_id_bytes, sizeof(sense_id_bytes)); data/hercules-3.13/qeth.c:167:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/qeth.c:187:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/scedasd.c:27:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realdir[MAX_PATH]; data/hercules-3.13/scedasd.c:28:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempdir[MAX_PATH]; data/hercules-3.13/scedasd.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realdir[MAX_PATH]; data/hercules-3.13/scedasd.c:57:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempdir[MAX_PATH]; data/hercules-3.13/scedasd.c:89:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temppath[MAX_PATH]; data/hercules-3.13/scedasd.c:90:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempreal[MAX_PATH]; data/hercules-3.13/scedasd.c:148:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputbuff[MAX_PATH]; data/hercules-3.13/scedasd.c:150:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_PATH]; /* filename of image file */ data/hercules-3.13/scedasd.c:151:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* pathname of image file */ data/hercules-3.13/scedasd.c:178:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/hercules-3.13/scedasd.c:484:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char image[9]; data/hercules-3.13/scedasd.c:487:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_PATH]; data/hercules-3.13/scedasd.c:516:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[MAX_PATH]; data/hercules-3.13/scsitape.c:754:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( &starting_mtget, &dev->mtget, sizeof( struct mtget ) ); data/hercules-3.13/scsitape.c:1299:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (logical) memcpy( logical, &blockid[0], 4 ); data/hercules-3.13/scsitape.c:1300:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (physical) memcpy( physical, &blockid[0], 4 ); data/hercules-3.13/scsitape.c:1442:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( act_blkid, emu_blkid, 4 ); data/hercules-3.13/scsitape.c:1455:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( act_blkid, emu_blkid, 4 ); data/hercules-3.13/scsitape.c:1482:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( act_blkid, emu_blkid, 4 ); data/hercules-3.13/scsitape.c:1505:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( emu_blkid, act_blkid, 4 ); data/hercules-3.13/scsitape.c:1516:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( emu_blkid, act_blkid, 4 ); data/hercules-3.13/scsitape.c:1535:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( emu_blkid, act_blkid, 4 ); data/hercules-3.13/scsitape.c:1688:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &dev->mtget, &mtget, sizeof( mtget )); data/hercules-3.13/scsitape.c:1914:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/hercules-3.13/service.c:48:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char servc_scpcmdstr[123+1]; /* Operator command string */ data/hercules-3.13/service.c:291:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (evd_bk->const1, const1_template, data/hercules-3.13/service.c:295:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (evd_bk->const2, const2_template, data/hercules-3.13/service.c:299:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (evd_bk->const3, const3_template, data/hercules-3.13/service.c:323:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char systype[9], sysname[9], sysplex[9]; data/hercules-3.13/shared.c:116:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[1024]; /* Work buffer */ data/hercules-3.13/shared.c:203:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->rmtcomp = atoi (op); data/hercules-3.13/shared.c:392:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[1024]; /* Work buffer */ data/hercules-3.13/shared.c:451:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dev->rmtcomp = atoi (op); data/hercules-3.13/shared.c:868:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (buf) memcpy (dev->buf + off, buf, len); data/hercules-3.13/shared.c:1056:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
if (buf) memcpy (dev->buf + off, buf, len); data/hercules-3.13/shared.c:1278:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(userver.sun_path, "/tmp/hercules_shared.%d", dev->rmtport); data/hercules-3.13/shared.c:1294:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&iserver.sin_addr.s_addr,&dev->rmtaddr,sizeof(struct in_addr)); data/hercules-3.13/shared.c:1408:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, temp, len < rlen ? len : rlen); data/hercules-3.13/shared.c:1463:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cbuf, hdr, hdrlen); data/hercules-3.13/shared.c:1486:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cbuf, hdr, hdrlen); data/hercules-3.13/shared.c:1487:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cbuf + hdrlen, buf, buflen); data/hercules-3.13/shared.c:1659:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, cbuf, off); data/hercules-3.13/shared.c:1681:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (buf, cbuf, off); data/hercules-3.13/shared.c:2240:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cbuf, hdr, hdrlen); data/hercules-3.13/shared.c:2261:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cbuf, hdr, hdrlen); data/hercules-3.13/shared.c:2262:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (cbuf + hdrlen, buf, buflen); data/hercules-3.13/shared.c:2601:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (hdr, dev->shrd[ix]->hdr, SHRD_HDR_SIZE); data/hercules-3.13/shared.c:2631:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->shrd[ix]->hdr, hdr, SHRD_HDR_SIZE); data/hercules-3.13/shared.c:2663:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ((char *)s, data/hercules-3.13/shared.c:2680:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (p) memcpy(p, s, sizeof(*p)); data/hercules-3.13/shared.c:2766:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(userver.sun_path, "/tmp/hercules_shared.%d", sysblk.shrdport); data/hercules-3.13/shared.c:2897:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/hercules-3.13/shared.h:345:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char SHRD_TRACE[128]; /* Trace entry */ data/hercules-3.13/sie.c:531:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(GUESTREGS->gr, regs->gr, 14 * sizeof(regs->gr[0])); data/hercules-3.13/sie.c:532:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(GUESTREGS->ar, regs->ar, 16 * sizeof(regs->ar[0])); data/hercules-3.13/sie.c:533:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(GUESTREGS->fpr, regs->fpr, 32 * sizeof(regs->fpr[0])); data/hercules-3.13/sie.c:853:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->gr, GUESTREGS->gr, 14 * sizeof(regs->gr[0])); data/hercules-3.13/sie.c:854:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(regs->ar, GUESTREGS->ar, 16 * sizeof(regs->ar[0])); data/hercules-3.13/sie.c:855:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(regs->fpr, GUESTREGS->fpr, 32 * sizeof(regs->fpr[0])); data/hercules-3.13/sie.c:917:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(STATEBK->ipa, GUESTREGS->exinst, exilc); data/hercules-3.13/sie.c:922:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(STATEBK->ipa, GUESTREGS->ip, ILC(GUESTREGS->ip[0])); data/hercules-3.13/sllib.c:427:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( lab, buf, len ); data/hercules-3.13/sllib.c:588:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbuf[ 9 ]; data/hercules-3.13/sllib.c:589:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sbuf[ 9 ]; data/hercules-3.13/sllib.c:621:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &dest[ 2 ], &src[ 1 ] , 2 ); data/hercules-3.13/sllib.c:623:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data.
  memcpy( &dest[ 5 ], &src[ 3 ] , 3 );
data/hercules-3.13/sllib.c:687:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dest, &wbuf[ 1 ], 6 );
data/hercules-3.13/sllib.c:755:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( fmt->f2, lab->f2, l3 );
data/hercules-3.13/sllib.c:781:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( fmt->type, lab->id, 4 );
data/hercules-3.13/sllib.c:924:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->id, sl_alabs[ SLT_VOL ], 3 );
data/hercules-3.13/sllib.c:945:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slvol.volser, volser, len );
data/hercules-3.13/sllib.c:957:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slvol.owner, owner, len );
data/hercules-3.13/sllib.c:1069:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wbuf[ 80 ];
data/hercules-3.13/sllib.c:1083:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->id, sl_alabs[ type ], 3 );
data/hercules-3.13/sllib.c:1110:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.dsid, &dsn[ ndx ], len );
data/hercules-3.13/sllib.c:1130:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.genno, &dsn[ len - 7 ], 4 );
data/hercules-3.13/sllib.c:1131:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.verno, &dsn[ len - 2 ], 2 );
data/hercules-3.13/sllib.c:1143:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.volser, volser, len );
data/hercules-3.13/sllib.c:1152:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%04u", volseq );
data/hercules-3.13/sllib.c:1153:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.volseq, wbuf, 4 );
data/hercules-3.13/sllib.c:1162:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%04u", dsseq );
data/hercules-3.13/sllib.c:1163:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.dsseq, wbuf, 4 );
data/hercules-3.13/sllib.c:1190:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%010u", blocks );
data/hercules-3.13/sllib.c:1191:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.blklo, &wbuf[ 4 ], 6 );
data/hercules-3.13/sllib.c:1196:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.syscd, "IBM OS/VS 370", 13 );
data/hercules-3.13/sllib.c:1201:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%10u", blocks );
data/hercules-3.13/sllib.c:1202:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds1.blkhi, wbuf, 4 );
data/hercules-3.13/sllib.c:1321:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wbuf[ 80 ];
data/hercules-3.13/sllib.c:1335:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->id, sl_alabs[ type ], 3 );
data/hercules-3.13/sllib.c:1377:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%10u", blksize );
data/hercules-3.13/sllib.c:1378:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy( lab->slds2.lblkln, wbuf, 10 );
data/hercules-3.13/sllib.c:1379:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds2.blksize, "00000", 5 );
data/hercules-3.13/sllib.c:1383:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%05u", blksize );
data/hercules-3.13/sllib.c:1384:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds2.blksize, wbuf, 5 );
data/hercules-3.13/sllib.c:1433:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%05u", lrecl );
data/hercules-3.13/sllib.c:1434:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds2.lrecl, wbuf, 5 );
data/hercules-3.13/sllib.c:1465:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%-8.8s/%-8.8s", jobname, stepname );
data/hercules-3.13/sllib.c:1466:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds2.jobid, wbuf, 17 );
data/hercules-3.13/sllib.c:1516:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( wbuf, "%06u", rand() );
data/hercules-3.13/sllib.c:1517:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slds2.devser, wbuf, 6 );
data/hercules-3.13/sllib.c:1622:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->id, sl_elabs[ type ], 3 );
data/hercules-3.13/sllib.c:1646:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lab->slusr.data, data, len );
data/hercules-3.13/sllib.h:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[ 3 ];
data/hercules-3.13/sllib.h:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[ 1 ];
data/hercules-3.13/sllib.h:49:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volser[ 6 ];
data/hercules-3.13/sllib.h:50:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd1[ 25 ];
data/hercules-3.13/sllib.h:51:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idrc[ 1 ];
data/hercules-3.13/sllib.h:52:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd2[ 5 ];
data/hercules-3.13/sllib.h:53:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char owner[ 10 ];
data/hercules-3.13/sllib.h:54:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd3[ 29 ];
data/hercules-3.13/sllib.h:59:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dsid[ 17 ];
data/hercules-3.13/sllib.h:60:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volser[ 6 ];
data/hercules-3.13/sllib.h:61:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volseq[ 4 ];
data/hercules-3.13/sllib.h:62:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dsseq[ 4 ];
data/hercules-3.13/sllib.h:63:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char genno[ 4 ];
data/hercules-3.13/sllib.h:64:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char verno[ 2 ];
data/hercules-3.13/sllib.h:65:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crtdt[ 6 ];
data/hercules-3.13/sllib.h:66:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expdt[ 6 ];
data/hercules-3.13/sllib.h:67:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dssec[ 1 ];
data/hercules-3.13/sllib.h:68:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blklo[ 6 ];
data/hercules-3.13/sllib.h:69:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char syscd[ 13 ];
data/hercules-3.13/sllib.h:70:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd1[ 3 ];
data/hercules-3.13/sllib.h:71:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blkhi[ 4 ];
data/hercules-3.13/sllib.h:76:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char recfm[ 1 ];
data/hercules-3.13/sllib.h:77:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blksize[ 5 ];
data/hercules-3.13/sllib.h:78:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lrecl[ 5 ];
data/hercules-3.13/sllib.h:79:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char den[ 1 ];
data/hercules-3.13/sllib.h:80:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dspos[ 1 ];
data/hercules-3.13/sllib.h:81:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jobid[ 17 ];
data/hercules-3.13/sllib.h:82:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trtch[ 2 ];
data/hercules-3.13/sllib.h:83:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctrl[ 1 ];
data/hercules-3.13/sllib.h:84:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd1[ 1 ];
data/hercules-3.13/sllib.h:85:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blkattr[ 1 ];
data/hercules-3.13/sllib.h:86:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd2[ 2 ];
data/hercules-3.13/sllib.h:87:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devser[ 6 ];
data/hercules-3.13/sllib.h:88:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ckptid[ 1 ];
data/hercules-3.13/sllib.h:89:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rsvd3[ 22 ];
data/hercules-3.13/sllib.h:90:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lblkln[ 10 ];
data/hercules-3.13/sllib.h:95:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[ 76 ];
data/hercules-3.13/sllib.h:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *key[ 14 ];
data/hercules-3.13/sllib.h:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *val[ 14 ];
data/hercules-3.13/sllib.h:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[ 4 + 1 ];
data/hercules-3.13/sllib.h:114:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volser[ 6 + 1 ];
data/hercules-3.13/sllib.h:115:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idrc[ 1 + 1 ];
data/hercules-3.13/sllib.h:116:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char owner[ 10 + 1 ];
data/hercules-3.13/sllib.h:121:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dsid[ 17 + 1 ];
data/hercules-3.13/sllib.h:122:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volser[ 6 + 1 ];
data/hercules-3.13/sllib.h:123:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volseq[ 4 + 1 ];
data/hercules-3.13/sllib.h:124:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dsseq[ 4 + 1 ];
data/hercules-3.13/sllib.h:125:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char genno[ 4 + 1 ];
data/hercules-3.13/sllib.h:126:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char verno[ 2 + 1 ];
data/hercules-3.13/sllib.h:127:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crtdt[ 6 + 1 ];
data/hercules-3.13/sllib.h:128:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expdt[ 6 + 1 ];
data/hercules-3.13/sllib.h:129:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dssec[ 1 + 1 ];
data/hercules-3.13/sllib.h:130:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blklo[ 6 + 1 ];
data/hercules-3.13/sllib.h:131:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char syscd[ 13 + 1 ];
data/hercules-3.13/sllib.h:132:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blkhi[ 4 + 1 ];
data/hercules-3.13/sllib.h:137:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char recfm[ 1 + 1 ];
data/hercules-3.13/sllib.h:138:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blksize[ 5 + 1 ];
data/hercules-3.13/sllib.h:139:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lrecl[ 5 + 1 ];
data/hercules-3.13/sllib.h:140:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char den[ 1 + 1 ];
data/hercules-3.13/sllib.h:141:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dspos[ 1 + 1 ];
data/hercules-3.13/sllib.h:142:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jobid[ 17 + 1 ];
data/hercules-3.13/sllib.h:143:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trtch[ 2 + 1 ];
data/hercules-3.13/sllib.h:144:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctrl[ 1 + 1 ];
data/hercules-3.13/sllib.h:145:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blkattr[ 1 + 1 ];
data/hercules-3.13/sllib.h:146:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devser[ 6 + 1 ];
data/hercules-3.13/sllib.h:147:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ckptid[ 1 + 1 ];
data/hercules-3.13/sllib.h:148:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lblkln[ 10 + 1 ];
data/hercules-3.13/sllib.h:153:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[ 76 + 1 ];
data/hercules-3.13/sockdev.c:122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[sizeof(((DEVBLK*)0)->filename)];
data/hercules-3.13/sockdev.c:167:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(service));
data/hercules-3.13/sr.c:325:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *devargv[16];
data/hercules-3.13/sr.c:329:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[SR_MAX_STRING_LENGTH+1];
data/hercules-3.13/sr.c:330:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zeros[16];
data/hercules-3.13/sr.h:491:2: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen((_path), (_mode))
data/hercules-3.13/stack.c:280:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(regs->mainstor + tsaa1, trap_psw, 8);
data/hercules-3.13/stack.c:292:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(regs->mainstor + tsaa1, trap_psw + 8, 8);
data/hercules-3.13/stack.c:395:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy (&lsed, regs->mainstor+absold, sizeof(LSED)); data/hercules-3.13/stack.c:435:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&lsed, regs->mainstor+absold, sizeof(LSED)); data/hercules-3.13/stack.c:576:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (regs->mainstor + abs, currpsw, 8); data/hercules-3.13/stack.c:768:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (regs->mainstor+abs, &lsed2, sizeof(LSED)); data/hercules-3.13/stack.c:780:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (regs->mainstor+absold, &lsed, sizeof(LSED)); data/hercules-3.13/stack.c:845:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (lsedptr, regs->mainstor+abs, sizeof(LSED)); data/hercules-3.13/stack.c:885:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (lsedptr, regs->mainstor+abs, sizeof(LSED)); data/hercules-3.13/stack.c:1339:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (newpsw, regs->mainstor + abs, 8); data/hercules-3.13/stack.c:1352:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (newpsw + 8, regs->mainstor + abs, 8); data/hercules-3.13/strsignal.c:359:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[32]; data/hercules-3.13/strsignal.c:378:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "Signal %d", signo); data/hercules-3.13/strsignal.c:384:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. msg = (const char *) sys_siglist[signo]; data/hercules-3.13/tapeccws.c:573:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rc = dev->tmh->open( dev, unitstat, code ); data/hercules-3.13/tapeccws.c:790:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/tapeccws.c:1013:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[64]; data/hercules-3.13/tapeccws.c:1197:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( &iobuf[0], log_blockid, 4 ); data/hercules-3.13/tapeccws.c:1198:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &iobuf[4], phys_blockid, 4 ); data/hercules-3.13/tapeccws.c:1225:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, data/hercules-3.13/tapeccws.c:1375:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf+1, dev->pgid, num-1); data/hercules-3.13/tapeccws.c:1543:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newfile [ sizeof(dev->filename) ]; /* work */ data/hercules-3.13/tapeccws.c:1544:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lcss[8]; /* work */ data/hercules-3.13/tapeccws.c:1623:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolve_in [ MAX_PATH ] = {0}; /* (work) */ data/hercules-3.13/tapeccws.c:1624:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolve_out[ MAX_PATH ] = {0}; /* (work) */ data/hercules-3.13/tapeccws.c:1975:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devchar, num); data/hercules-3.13/tapeccws.c:2325:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &iobuf[4], &iobuf[8], 4 ); // (Message Id = same as requested) data/hercules-3.13/tapeccws.c:2335:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &iobuf[4], &iobuf[8], 4 ); // (Message Id = same as requested) data/hercules-3.13/tapeccws.c:2636:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->sense, num); data/hercules-3.13/tapeccws.c:2735:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->pgid, iobuf+1, 11); // (set initial value) data/hercules-3.13/tapeccws.c:3158:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dev->drvpwd, iobuf+1, 11); data/hercules-3.13/tapeccws.c:3265:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (iobuf, dev->devid, num); data/hercules-3.13/tapeccws.c:3364:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy (iobuf, cfgdata, sizeof(cfgdata)); data/hercules-3.13/tapeccws.c:3372:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[7], "\xF4\xF8", 2); // '48' data/hercules-3.13/tapeccws.c:3373:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[39], "\xF4\xF8", 2); // '48' data/hercules-3.13/tapeccws.c:3375:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[10], "\xC4\xF3\xF1", 3); // 'D31' data/hercules-3.13/tapeccws.c:3376:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[42], "\xC4\xF3\xF1", 3); // 'D31' data/hercules-3.13/tapeccws.c:3388:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[7], "\xF5\xF9", 2); // '59' data/hercules-3.13/tapeccws.c:3389:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[39], "\xF5\xF9", 2); // '59' data/hercules-3.13/tapeccws.c:3391:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[10], "\xC2\xF1\xC1", 3); // 'B1A' data/hercules-3.13/tapeccws.c:3392:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (&iobuf[42], "\xC1\xF5\xF0", 3); // 'A50' data/hercules-3.13/tapeccws.c:3395:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&iobuf[100], &iobuf[4], 9); // (set Token NED Type/Model from Device NED) data/hercules-3.13/tapeccws.c:3446:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg1[9], msg2[9]; /* Message areas (ASCIIZ) */ data/hercules-3.13/tapecopy.c:499:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file name in host format */ data/hercules-3.13/tapedev.c:604:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&dev->devid[8], "\x40\xFA\x00\xA0", 4); // CIW Read Configuration Data (0xFA) data/hercules-3.13/tapedev.c:605:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&dev->devid[12], "\x41\x73\x00\x04", 4); // CIW Set Interface Identifier (0x73) data/hercules-3.13/tapedev.c:606:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&dev->devid[16], "\x42\x3E\x00\x60", 4); // CIW Read Subsystem Data (0x3E) data/hercules-3.13/tapedev.c:616:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy (dev->devchar, dev->devid+1, 6); data/hercules-3.13/tapedev.c:860:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbfr[1024]; /* Working storage */ data/hercules-3.13/tapedev.c:969:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/tapedev.c:1487:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devparms[ MAX_PATH+1 + 128 ]; data/hercules-3.13/tapedev.c:1488:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dispmsg [ 256 ]; data/hercules-3.13/tapedev.c:1532:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tapepos[64]; tapepos[0]=0; data/hercules-3.13/tapedev.c:1610:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msgbfr[256]; data/hercules-3.13/tapedev.c:1640:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volser[7]; data/hercules-3.13/tapedev.c:1717:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sensebkup,dev->sense,dev->numsense); data/hercules-3.13/tapedev.c:1719:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). dev->tmh->open( dev, &unitstat, code ); data/hercules-3.13/tapedev.c:1722:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dev->sense,sensebkup,dev->numsense); data/hercules-3.13/tapedev.c:1906:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg1[9]; data/hercules-3.13/tapedev.c:1907:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msg2[9]; data/hercules-3.13/tapedev.c:2108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bfr[4096]; data/hercules-3.13/tapedev.c:2114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; data/hercules-3.13/tapedev.c:2127:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!(aldf=fopen(pathname,"r"))) data/hercules-3.13/tapedev.c:2284:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dev->als[dev->alss],&tae,sizeof(tae)); data/hercules-3.13/tapedev.c:2480:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (logical) memcpy( logical, &blockid[0], 4 ); data/hercules-3.13/tapedev.c:2481:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (physical) memcpy( physical, &blockid[0], 4 ); data/hercules-3.13/tapedev.h:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[256]; /* Filename of data file */ data/hercules-3.13/tapedev.h:286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sprvblkl[4]; /* length of previous block */ data/hercules-3.13/tapedev.h:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scurblkl[4]; /* length of this block */ data/hercules-3.13/tapedev.h:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sxorblkl[4]; /* XOR both lengths together */ data/hercules-3.13/tapedev.h:340:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int (*open) (DEVBLK*, BYTE *unitstat, BYTE code); data/hercules-3.13/tapemap.c:62:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/tapemap.c:141:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&awshdr, buf, sizeof(AWSTAPE_BLKHDR)); data/hercules-3.13/tapesplt.c:69:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_PATH]; /* file path in host format */ data/hercules-3.13/tapesplt.c:126:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). files2copy = atoi(argv[outfilenum + 1]); data/hercules-3.13/tapesplt.c:183:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&awshdr, buf, sizeof(AWSTAPE_BLKHDR)); data/hercules-3.13/tt32api.h:106:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctln_name[IFNAMSIZ]; // iface name (e.g. "tun0") data/hercules-3.13/tuntap.c:106:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&ctlreq.iru.ifreq, ifr, sizeof (struct ifreq)); data/hercules-3.13/tuntap.c:119:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ifr, &ctlreq.iru.ifreq, sizeof (struct ifreq)); data/hercules-3.13/tuntap.c:450:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iMTU = atoi( pszMTU ); data/hercules-3.13/tuntap.c:497:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( addr->sa_data, mac, IFHWADDRLEN ); data/hercules-3.13/tuntap.c:787:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(unknown_request,"Unknown (0x%x)",iRequest); data/hercules-3.13/tuntap.c:798:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ctlreq.iru.rtentry, argp, sizeof( struct rtentry ) ); data/hercules-3.13/tuntap.c:804:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ctlreq.iru.ifreq, argp, sizeof( struct ifreq ) ); data/hercules-3.13/tuntap.h:86:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define TUNTAP_Open open data/hercules-3.13/vm.c:703:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ioparm.sense, dev->sense, numsense); data/hercules-3.13/vm.c:906:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (ioparm.sense, dev->sense, numsense); data/hercules-3.13/vm.c:938:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unam[LOGIN_NAME_MAX+1]; /* User name */ data/hercules-3.13/vm.c:1000:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf+24, "\x7F\xFE\x00\x00\x00\x00\x00\x00", 8); data/hercules-3.13/vm.c:1059:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bufi[256]; /* Command buffer (ASCIIZ) */ data/hercules-3.13/vm.c:1060:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bufo[257]; /* Command buffer (ASCIIZ) */ data/hercules-3.13/vm.c:1061:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resp[256]; /* Response buffer (ASCIIZ) */ data/hercules-3.13/vm.c:1314:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&vrdc.vrdcrdc,dev->devchar,42); data/hercules-3.13/vm.c:1333:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vrdc.vrdcrdc,dev->devchar,32); data/hercules-3.13/vm.c:1336:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vrdc.vrdcpgid,dev->pgid,11); data/hercules-3.13/vm.c:1344:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vrdc.vrdcrdev,&vrdc.vrdcdvno,2); data/hercules-3.13/vm.c:1492:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; /* Response buffer */ data/hercules-3.13/vm.c:1531:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, dattim, 8); data/hercules-3.13/vm.c:1533:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf+8, dattim+8, 8); data/hercules-3.13/vm.c:1537:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf+32, dattim+16, 10); data/hercules-3.13/vm.c:1540:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (buf+48, dattim+26, 10); data/hercules-3.13/vmd250.c:714:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dev->vmd250env->sense,&dev->sense,sizeof(dev->sense)); data/hercules-3.13/vmd250.c:1195:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tname[32]; /* Thread name */ data/hercules-3.13/vmd250.c:1281:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(asyncp,&ioctl,sizeof(IOCTL32)); data/hercules-3.13/vmd250.c:1440:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&bioe,ioctl->regs->mainstor+bioebeg,sizeof(BIOE32)); data/hercules-3.13/vmd250.c:1623:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ioctl->regs->mainstor+bioebeg+1,&status,1); data/hercules-3.13/vmd250.c:1803:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tname[32]; /* Thread name */ data/hercules-3.13/vmd250.c:1903:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(asyncp,&ioctl,sizeof(IOCTL64)); data/hercules-3.13/vmd250.c:2042:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&bioe,ioctl->regs->mainstor+bioebeg,sizeof(BIOE64)); data/hercules-3.13/vmd250.c:2210:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ioctl->regs->mainstor+bioebeg+1,&status,1); data/hercules-3.13/vstore.h:162:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(MADDRL(addr, len+1, arn, regs, ACCTYPE_WRITE, regs->psw.pkey), data/hercules-3.13/vstore.h:176:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (main1, src, len2); data/hercules-3.13/vstore.h:177:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (main2, (BYTE*)src + len2, len + 1 - len2); data/hercules-3.13/vstore.h:279:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(main1, temp, len); data/hercules-3.13/vstore.h:280:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(main2, temp+len, 4-len); data/hercules-3.13/vstore.h:331:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(main1, temp, len); data/hercules-3.13/vstore.h:332:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(main2, temp+len, 8-len); data/hercules-3.13/vstore.h:400:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dest, main1, len + 1); data/hercules-3.13/vstore.h:407:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dest, main1, len2); data/hercules-3.13/vstore.h:408:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((BYTE*)dest + len2, main2, len + 1 - len2); data/hercules-3.13/vstore.h:500:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, mn, 4); data/hercules-3.13/vstore.h:504:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp+len, mn, 4); data/hercules-3.13/vstore.h:544:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, mn, 8); data/hercules-3.13/vstore.h:548:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp+len, mn, 8); data/hercules-3.13/vstore.h:700:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy (dest, ia, 4);
data/hercules-3.13/vstore.h:706:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest + len, ia, 4);
data/hercules-3.13/w32ctca.c:47:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char g_tt32_dllname [ MAX_TT32_DLLNAMELEN ] = {0};
data/hercules-3.13/w32ctca.c:50:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TT32_PROCADDRS ( open );
data/hercules-3.13/w32ctca.c:70:26: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  GET_TT32_PROCADDRS ( open );
data/hercules-3.13/w32ctca.c:125:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tt32_dllname_in_buff [ MAX_PATH ];
data/hercules-3.13/w32ctca.c:126:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tt32_dllname_out_buff [ MAX_PATH ] = {0};
data/hercules-3.13/w32ctca.h:22:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char g_tt32_dllname [MAX_TT32_DLLNAMELEN];
data/hercules-3.13/w32mtio.h:188:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reserved[10];
data/hercules-3.13/w32stape.c:159:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szTapeDeviceName[10];
data/hercules-3.13/w32util.c:125:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char szMsgBuff[ 256 ]; // (s/b plenty big enough)
data/hercules-3.13/w32util.c:775:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(pattern, "*.*");
data/hercules-3.13/w32util.c:996:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char login_name [ LOGIN_NAME_MAX + 1 ];
data/hercules-3.13/w32util.c:1193:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char process_exec_dirbuf[MAX_PATH];
data/hercules-3.13/w32util.c:1349:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szErrMsg[256];
data/hercules-3.13/w32util.c:1553:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szHostName[ WSADESCRIPTION_LEN ];
data/hercules-3.13/w32util.c:2700:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char readbuff [ PIPEBUFSIZE ];
data/hercules-3.13/w32util.c:2701:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char holdbuff [ HOLDBUFSIZE ];
data/hercules-3.13/w32util.c:2732:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( holdbuff + nHoldAmount, readbuff, HOLDBUFSIZE - nHoldAmount);
data/hercules-3.13/w32util.c:2740:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(holdbuff+nHoldAmount,readbuff,nAmountRead);
data/hercules-3.13/w32util.c:2829:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( pPipedProcessCtl->pszBuffer + pPipedProcessCtl->nStrLen, pbeg, nNewStrLen );
data/hercules-3.13/xstore.c:84:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (maddr, sysblk.xpndstor + xoffs, XSTORE_PAGESIZE);
data/hercules-3.13/xstore.c:149:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (sysblk.xpndstor + xoffs, maddr, XSTORE_PAGESIZE);
data/hercules-3.13/xstore.c:550:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (main1,
data/hercules-3.13/xstore.c:560:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (sysblk.xpndstor + ((size_t)xpblk1 << XSTORE_PAGESHIFT),
data/hercules-3.13/xstore.c:571:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (main1, main2, XSTORE_PAGESIZE);
data/hercules-3.13/awstape.c:187:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, buf, sizeof(AWSTAPE_BLKHDR));
data/hercules-3.13/awstape.c:297:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, buf+blklen, seglen);
data/hercules-3.13/bldcfg.c:155:5: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(100000);
data/hercules-3.13/bldcfg.c:160:5: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(100000);
data/hercules-3.13/bldcfg.c:305:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen( tamdir );
data/hercules-3.13/bldcfg.c:330:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (*ppTAMDIR)->len = strlen (tamdir);
data/hercules-3.13/bldcfg.c:398:17: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(fp);
data/hercules-3.13/bldcfg.c:477:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (inc_envvar) == 0)
data/hercules-3.13/bldcfg.c:488:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (stmtlen+strlen(inc_envvar) >= sizeof(buf) - 1)
data/hercules-3.13/bldcfg.c:579:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(buf1)>=sizeof(buf))
data/hercules-3.13/bldcfg.c:949:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(keyword) <= 4
data/hercules-3.13/bldcfg.c:1003:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (scount == 0 && addargc == 5 && strlen(keyword) == 6
data/hercules-3.13/bldcfg.c:1150:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sversion) != 2
data/hercules-3.13/bldcfg.c:1165:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sserial) != 6
data/hercules-3.13/bldcfg.c:1178:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(smodel) != 4
data/hercules-3.13/bldcfg.c:1413:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ssysepoch) != 4
data/hercules-3.13/bldcfg.c:1442:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(stzoffset) != 5
data/hercules-3.13/bldcfg.c:1457:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(hlogofile, slogofile, sizeof(hlogofile)-1);
data/hercules-3.13/bldcfg.c:1581:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen( cwd );
data/hercules-3.13/bldcfg.c:1585:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pNewTAMDIR->len = strlen (cwd);
data/hercules-3.13/bootstrap.c:375:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  UserStreamArray[UserStreamCount].BufferSize = strlen(g_host_info_str)+1;
data/hercules-3.13/bootstrap.c:384:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  UserStreamArray[UserStreamCount].BufferSize = strlen(*ppszBldInfoStr)+1;
data/hercules-3.13/cardpch.c:52:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argc == 0 || strlen(argv[0]) > sizeof(dev->filename)-1)
data/hercules-3.13/cardrdr.c:175:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[i]) > sizeof(dev->filename)-1)
data/hercules-3.13/cardrdr.c:250:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[0]) > sizeof(dev->filename)-1)
data/hercules-3.13/cardrdr.c:622:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = getc(dev->fh);
data/hercules-3.13/cckdcdsk.c:85:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (dev->fd, &cdevhdr, CCKD_DEVHDR_SIZE)) < CCKD_DEVHDR_SIZE)
data/hercules-3.13/cckdcomp.c:80:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (dev->fd, &cdevhdr, CCKD_DEVHDR_SIZE)) < CCKD_DEVHDR_SIZE)
data/hercules-3.13/cckddasd.c:357:9: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(1);
data/hercules-3.13/cckddasd.c:644:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (cckd->fd[sfx], buf, len);
data/hercules-3.13/cckddasd.c:912:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, trk, unitstat);
data/hercules-3.13/cckddasd.c:1103:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, blkgrp, unitstat);
data/hercules-3.13/cckddasd.c:4423:9: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name).
  The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(500);
data/hercules-3.13/cckddiag.c:82:13: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  x = getc(stdin);
data/hercules-3.13/cckddiag.c:139:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, buf, len) < (ssize_t)len) {
data/hercules-3.13/cckdfix.c:18:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read (fd, &devhdr, CKDDASD_DEVHDR_SIZE);
data/hercules-3.13/cckdfix.c:19:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read (fd, &cdevhdr, CCKDDASD_DEVHDR_SIZE);
data/hercules-3.13/cckdswap.c:73:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (dev->fd, &devhdr, CKDDASD_DEVHDR_SIZE)) < CKDDASD_DEVHDR_SIZE)
data/hercules-3.13/cckdswap.c:92:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (dev->fd, &cdevhdr, CCKD_DEVHDR_SIZE)) < CCKD_DEVHDR_SIZE)
data/hercules-3.13/cckdswap.c:128:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (dev->fd, &cdevhdr, CCKD_DEVHDR_SIZE)) < CCKD_DEVHDR_SIZE)
data/hercules-3.13/cckdutil.c:88:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &cdevhdr, len)) != len)
data/hercules-3.13/cckdutil.c:106:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, l1, len)) != len)
data/hercules-3.13/cckdutil.c:126:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, l2, len)) != len)
data/hercules-3.13/cckdutil.c:146:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &freeblk, len)) != len)
data/hercules-3.13/cckdutil.c:158:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &freeblk, len)) != len)
data/hercules-3.13/cckdutil.c:176:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &freeblk, len)) != len)
data/hercules-3.13/cckdutil.c:375:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &devhdr, len)) != len)
data/hercules-3.13/cckdutil.c:395:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &cdevhdr, len)) != len)
data/hercules-3.13/cckdutil.c:438:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, l1, len)) != len)
data/hercules-3.13/cckdutil.c:506:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, l2[l], len)) != len)
data/hercules-3.13/cckdutil.c:588:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, p, len)) != len)
data/hercules-3.13/cckdutil.c:655:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, buf, len)) != len)
data/hercules-3.13/cckdutil.c:969:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &devhdr, len)) != len)
data/hercules-3.13/cckdutil.c:999:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &cdevhdr, len)) != len)
data/hercules-3.13/cckdutil.c:1171:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, l1, len)) != len)
data/hercules-3.13/cckdutil.c:1298:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, l2tab, len)) != len)
data/hercules-3.13/cckdutil.c:1474:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  || (rc = read (fd, &freeblk, len)) != len)
data/hercules-3.13/cckdutil.c:1482:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  || (rc = read (fd, fsp, len)) != len)
data/hercules-3.13/cckdutil.c:1513:31: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &freeblk, len)) != len)
data/hercules-3.13/cckdutil.c:1561:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, buf, len)) != len)
data/hercules-3.13/cckdutil.c:1679:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, buf, len)) != len)
data/hercules-3.13/cckdutil.c:1899:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, buf, len)) != len)
data/hercules-3.13/cckdutil.c:2283:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, buf, len)) != len)
data/hercules-3.13/cckdutil.c:2301:31: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((rc = read (fd, &l2ent, len)) != len)
data/hercules-3.13/cgibin.c:215:9: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(50000);
data/hercules-3.13/cgibin.c:264:27: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  if ( wrk_bufptr ) strncpy( wrk_bufptr, logbuf_ptr, num_bytes );
data/hercules-3.13/cgibin.c:1205:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cgibin_hwrite(webblk, response, strlen (response));
data/hercules-3.13/channel.c:41:5: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(sysblk.iodelay); \
data/hercules-3.13/ckddasd.c:225:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argc == 0 || strlen(argv[0]) > sizeof(dev->filename)-1)
data/hercules-3.13/ckddasd.c:263:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sfxptr == NULL) sfxptr = dev->filename + strlen(dev->filename);
data/hercules-3.13/ckddasd.c:308:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (argv[i]) > 3 &&
data/hercules-3.13/ckddasd.c:322:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dev->dasdsfx = dev->dasdsfn + strlen(dev->dasdsfn);
data/hercules-3.13/ckddasd.c:327:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (argv[i]) > 3
data/hercules-3.13/ckddasd.c:396:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, &devhdr, CKDDASD_DEVHDR_SIZE);
data/hercules-3.13/ckddasd.c:432:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, &cdevhdr, CCKDDASD_DEVHDR_SIZE);
data/hercules-3.13/ckddasd.c:681:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (dev->hnd->read) (dev, -1, &unitstat);
data/hercules-3.13/ckddasd.c:727:21: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, trk, unitstat);
data/hercules-3.13/ckddasd.c:964:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, dev->buf, dev->ckdtrksz);
data/hercules-3.13/ckddasd.c:1049:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, trk, unitstat);
data/hercules-3.13/ckddasd.c:1102:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (dev->hnd->read) (dev, -1, &unitstat);
data/hercules-3.13/ckddasd.c:1219:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) ? (dev->hnd->read)(dev, rc, &byte) : -1;
data/hercules-3.13/ckddasd.c:1219:48: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) ? (dev->hnd->read)(dev, rc, &byte) : -1;
data/hercules-3.13/cmdtab.c:212:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdl=MAX(strlen(cmd_argv[0]),pCmdTab->statminlen);
data/hercules-3.13/comm3705.c:655:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(s)<16)
data/hercules-3.13/comm3705.c:1092:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(sfd, msgtext, strlen(msgtext));
data/hercules-3.13/comm3705.c:1258:3: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(50000);
data/hercules-3.13/comm3705.c:1265:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc=read(ca->sfd,bfr,ca->unitsz-BUFPD);
data/hercules-3.13/comm3705.c:1326:9: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(min(1000000,delay)); /* go to sleep, max. 1 second */
data/hercules-3.13/comm3705.c:1481:57: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(&dev->commadpt->locncpnm[strlen(res.text)]," ",1);
data/hercules-3.13/comm3705.c:1487:57: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(&dev->commadpt->rmtncpnm[strlen(res.text)]," ",1);
data/hercules-3.13/commadpt.c:851:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(sfd, msgtext, strlen(msgtext));
data/hercules-3.13/commadpt.c:1090:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc=read(ca->sfd,bfr,256);
data/hercules-3.13/commadpt.c:1346:25: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(10000);
data/hercules-3.13/commadpt.c:1456:25: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(10000);
data/hercules-3.13/commadpt.c:2178:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) < 2)
data/hercules-3.13/commadpt.c:2187:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) < 2)
data/hercules-3.13/commadpt.c:2189:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j=0; j < (int)strlen(res.text); j+= 2)
data/hercules-3.13/commadpt.c:2199:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) != 2 && strlen(res.text) != 4
data/hercules-3.13/commadpt.c:2199:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) != 2 && strlen(res.text) != 4
data/hercules-3.13/commadpt.c:2200:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(res.text) != 6 && strlen(res.text) != 8)
data/hercules-3.13/commadpt.c:2200:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(res.text) != 6 && strlen(res.text) != 8)
data/hercules-3.13/commadpt.c:2202:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j=0; j < (int)strlen(res.text); j+= 2)
data/hercules-3.13/commadpt.c:2210:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dev->commadpt->prepend_length = strlen(res.text) >> 1;
data/hercules-3.13/commadpt.c:2213:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) != 2 && strlen(res.text) != 4
data/hercules-3.13/commadpt.c:2213:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) != 2 && strlen(res.text) != 4
data/hercules-3.13/commadpt.c:2214:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(res.text) != 6 && strlen(res.text) != 8)
data/hercules-3.13/commadpt.c:2214:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(res.text) != 6 && strlen(res.text) != 8)
data/hercules-3.13/commadpt.c:2216:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j=0; j < (int)strlen(res.text); j+= 2)
data/hercules-3.13/commadpt.c:2224:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dev->commadpt->append_length = strlen(res.text) >> 1;
data/hercules-3.13/commadpt.c:2227:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(res.text) < 2)
data/hercules-3.13/commadpt.c:2229:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j=0; j < (int)strlen(res.text); j+= 2)
data/hercules-3.13/con1052c.c:82:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(dev->filename,"/");
data/hercules-3.13/con1052c.c:357:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && !strncasecmp(cmd,dev->filename,strlen(dev->filename)) )
data/hercules-3.13/con1052c.c:359:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  input = cmd + strlen(dev->filename);
data/hercules-3.13/con1052c.c:361:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmd+strlen(dev->filename) );
data/hercules-3.13/config.c:922:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wrk=malloc(strlen(spec)+1);
data/hercules-3.13/config.c:969:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *rest=malloc(strlen(r)+1);
data/hercules-3.13/config.c:1304:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rec[strlen(rec)-1]=0;
data/hercules-3.13/config.c:1305:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  data[sysblk.logolines]=malloc(strlen(rec)+1);
data/hercules-3.13/config.c:1325:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || (n = strlen(s)) < 7
data/hercules-3.13/config.c:1333:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strspn( s+1, "0123456789" ) != strlen(s+1) )
data/hercules-3.13/config.c:1342:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strspn( p1+1, "0123456789" ) != strlen(p1+1) )
data/hercules-3.13/config.c:1351:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strspn( p2+1, "0123456789" ) != strlen(p2+1) )
data/hercules-3.13/console.c:712:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(s)<16)
data/hercules-3.13/console.c:1389:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cline=malloc(strlen(logodata[i])+1);
data/hercules-3.13/console.c:1403:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ypos=strlen(cline);
data/hercules-3.13/console.c:1414:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ypos=strlen(cline);
data/hercules-3.13/console.c:1430:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ypos+=strlen(cline);
data/hercules-3.13/console.c:1816:12: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(conmsg,"SYSG",sizeof(conmsg));
data/hercules-3.13/console.c:2099:17: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676).
  Use nanosleep(2) or setitimer(2) instead.
  usleep(50000); // (wait a bit; maybe it'll fix itself??)
data/hercules-3.13/console.c:3512:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen((char *)dev->buf);
data/hercules-3.13/conspawn.c:80:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  k += strlen(argv[i]) + 1;
data/hercules-3.13/conspawn.c:99:36: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (i != (argc-1)) strcat(p," ");
data/hercules-3.13/conspawn.c:153:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  k += strlen(argv[i]) + 1;
data/hercules-3.13/conspawn.c:178:28: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (i != (argc-1)) strcat(p," ");
data/hercules-3.13/ctc_ctci.c:1013:13: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep( CTC_DELAY_USECS ); // (wait a bit before retrying...)
data/hercules-3.13/ctc_ctci.c:1241:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( optarg ) > sizeof( pCTCBLK->szTUNCharName ) - 1 )
data/hercules-3.13/ctc_ctci.c:1387:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen( *argv ) > sizeof( pCTCBLK->szTUNCharName ) - 1 )
data/hercules-3.13/ctc_lcs.c:1319:9: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep( 250*1000 );
data/hercules-3.13/ctc_lcs.c:1365:5: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep( 250*1000 );
data/hercules-3.13/ctc_lcs.c:1861:13: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep( CTC_DELAY_USECS );
data/hercules-3.13/ctc_lcs.c:2118:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( optarg ) > sizeof( pDEVBLK->filename ) - 1 )
data/hercules-3.13/ctc_lcs.c:2404:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( pszKeyword ) > 4 ||
data/hercules-3.13/ctc_lcs.c:2562:17: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc( fp );
data/hercules-3.13/ctcadpt.c:992:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( listenp ) > 5 ||
data/hercules-3.13/ctcadpt.c:1026:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( remotep ) > 5 ||
data/hercules-3.13/ctcadpt.c:1038:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( mtusize ) > 5 ||
data/hercules-3.13/ctcadpt.c:1555:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(dev->fd, ipaddress, strlen(ipaddress));
data/hercules-3.13/ctcadpt.c:1678:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read(dev->fd, dev->buf, dev->bufsize);
data/hercules-3.13/ctcadpt.c:2251:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( listenp ) > 5 ||
data/hercules-3.13/ctcadpt.c:2292:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( remotep ) > 5 ||
data/hercules-3.13/ctcadpt.c:2318:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( mtusize ) > 5 ||
data/hercules-3.13/ctcadpt.c:2336:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( ctceSmlChr ) > 5 ||
data/hercules-3.13/ctcadpt.c:3056:29: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(i);
data/hercules-3.13/ctcadpt.c:3173:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(pszMACAddr) != ((sizeof(MAC)*3)-1)
data/hercules-3.13/ctcadpt.c:3183:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(work,pszMACAddr,((sizeof(MAC)*3)-1));
data/hercules-3.13/dasdcat.c:232:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buff, file, sizeof(buff));
data/hercules-3.13/dasdcat.c:257:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dsname, buff, sizeof(dsname));
data/hercules-3.13/dasdcat.c:325:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*(argv+1) && strlen (*(argv+1)) > 3 && !memcmp(*(argv+1), "sf=", 3))
data/hercules-3.13/dasdconv.c:75:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define IFREAD read
data/hercules-3.13/dasdconv.c:786:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suffix = sfname + strlen(sfname) - 1;
data/hercules-3.13/dasdconv.c:859:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argv[1] == NULL || strlen(argv[1]) == 0
data/hercules-3.13/dasdconv.c:860:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(argv[1]) > sizeof(ifname)-1)
data/hercules-3.13/dasdconv.c:865:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argv[2] == NULL || strlen(argv[2]) == 0
data/hercules-3.13/dasdconv.c:866:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(argv[2]) > sizeof(ofname)-1)
data/hercules-3.13/dasdcopy.c:183:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[1]) < 4 || memcmp(argv[1], "sf=", 3))
data/hercules-3.13/dasdcopy.c:201:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (fd, buf, 8);
data/hercules-3.13/dasdcopy.c:354:34: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (idev->hnd->read)(idev, i, &unitstat);
data/hercules-3.13/dasdcopy.c:364:34: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (idev->hnd->read)(idev, i, &unitstat);
data/hercules-3.13/dasdinit.c:190:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argv[1] == NULL || strlen(argv[1]) == 0
data/hercules-3.13/dasdinit.c:191:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(argv[1]) > sizeof(fname)-1)
data/hercules-3.13/dasdinit.c:237:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argv[3] == NULL || strlen(argv[3]) == 0
data/hercules-3.13/dasdinit.c:238:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(argv[3]) > sizeof(volser)-1)
data/hercules-3.13/dasdinit.c:251:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!argv[volsize_argnum] || strlen(argv[volsize_argnum]) == 0
data/hercules-3.13/dasdisup.c:110:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (ofname, memname, 8);
data/hercules-3.13/dasdload.c:207:29: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (dsorg[0] & DSORG_U) strcat (name, "U");
data/hercules-3.13/dasdload.c:222:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (name, "V"); break;
data/hercules-3.13/dasdload.c:224:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (name, "F"); break;
data/hercules-3.13/dasdload.c:226:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (name, "U"); break;
data/hercules-3.13/dasdload.c:231:36: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (recfm[0] & RECFM_TRKOFLOW) strcat (name, "T");
data/hercules-3.13/dasdload.c:232:35: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (recfm[0] & RECFM_BLOCKED) strcat (name, "B");
data/hercules-3.13/dasdload.c:233:35: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (recfm[0] & RECFM_SPANNED) strcat (name, "S");
data/hercules-3.13/dasdload.c:237:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (name, "A"); break;
data/hercules-3.13/dasdload.c:239:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (name, "M"); break;
data/hercules-3.13/dasdload.c:390:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (tfd, objrec, 80);
data/hercules-3.13/dasdload.c:1670:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (xfd, seghdr, 2);
data/hercules-3.13/dasdload.c:1725:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (xfd, xbuf + xreclen, seglen);
data/hercules-3.13/dasdload.c:1769:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  xreclen = read(xfd, xbuf, 56); /* read COPYR1 plus some extras */
data/hercules-3.13/dasdload.c:1781:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  xreclen = read(xfd, xbuf, sizeof(COPYR2)); /* read COPYR2 */
data/hercules-3.13/dasdload.c:1793:13: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read(xfd, xbuf, 12); /* read header of DATABLK */
data/hercules-3.13/dasdload.c:1807:13: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read(xfd, xbuf + 12, xreclen); /* read kdarea of DATABLK */
data/hercules-3.13/dasdload.c:1938:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(tudsnam);
data/hercules-3.13/dasdload.c:3534:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (sfd, &datablk.kdarea, blksz < size ? blksz : size);
data/hercules-3.13/dasdload.c:4053:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  txtlen = strlen(tbuf);
data/hercules-3.13/dasdload.c:4293:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  stmtlen = strlen(stmt);
data/hercules-3.13/dasdload.c:4409:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (dsname, pdsnam, 44);
data/hercules-3.13/dasdload.c:5019:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argv[1] == NULL || strlen(argv[1]) == 0)
data/hercules-3.13/dasdload.c:5024:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argv[2] == NULL || strlen(argv[2]) == 0)
data/hercules-3.13/dasdload.c:5064:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (volser == NULL || strlen(volser) == 0 || strlen(volser) > 6)
data/hercules-3.13/dasdload.c:5064:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (volser == NULL || strlen(volser) == 0 || strlen(volser) > 6)
data/hercules-3.13/dasdls.c:293:65: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_BLOCKED) strcat(txtrecfm, "B");
data/hercules-3.13/dasdls.c:294:65: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_SPANNED) strcat(txtrecfm, "S");
data/hercules-3.13/dasdls.c:305:65: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_TRKOFLOW) strcat(txtrecfm, "T");
data/hercules-3.13/dasdls.c:472:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(*argv) > 6 && !memcmp(fn, "-dsnl=", 6)) /* restrict dsname width */
data/hercules-3.13/dasdls.c:480:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(*argv) > 8 && !memcmp(fn, "-yroffs=", 8)) /* year offset */
data/hercules-3.13/dasdls.c:488:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*(argv+1) && strlen (*(argv+1)) > 3 && !memcmp(*(argv+1), "sf=", 3))
data/hercules-3.13/dasdpdsu.c:60:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (ofname, memname, 8);
data/hercules-3.13/dasdpdsu.c:262:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (dsnama, argv[2|+i], sizeof(dsnama)-1);
data/hercules-3.13/dasdseq.c:125:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(txtcredt, ".");
data/hercules-3.13/dasdseq.c:132:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(txtexpdt, ".");
data/hercules-3.13/dasdseq.c:148:49: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (dsorg & (DSORG_U * 256)) strcat(txtdsorg, "U");
data/hercules-3.13/dasdseq.c:150:49: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_FORMAT_F) strcpy(txtrecfm, "F");
data/hercules-3.13/dasdseq.c:151:49: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_FORMAT_V) strcpy(txtrecfm, "V");
data/hercules-3.13/dasdseq.c:153:49: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(txtrecfm, "U");
data/hercules-3.13/dasdseq.c:154:49: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_BLOCKED) strcat(txtrecfm, "B");
data/hercules-3.13/dasdseq.c:155:49: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_SPANNED) strcat(txtrecfm, "S");
data/hercules-3.13/dasdseq.c:156:49: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_CTLCHAR_A) strcat(txtrecfm, "A");
data/hercules-3.13/dasdseq.c:157:49: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_CTLCHAR_M) strcat(txtrecfm, "M");
data/hercules-3.13/dasdseq.c:158:49: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if (f1dscb->ds1recfm & RECFM_TRKOFLOW) strcat(txtrecfm, "T");
data/hercules-3.13/dasdseq.c:552:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*argv && strlen(*argv) > 3 && !memcmp(*argv, "sf=", 3)) {
data/hercules-3.13/dasdseq.c:843:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(zdsn, *pdsn, sizeof(zdsn) - 1);
data/hercules-3.13/dasdutil.c:227:21: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read)(dev, trk, &unitstat);
data/hercules-3.13/dasdutil.c:577:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sfxname) < 2 || sfxname[strlen(sfxname)-2] != '_')
data/hercules-3.13/dasdutil.c:577:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sfxname) < 2 || sfxname[strlen(sfxname)-2] != '_')
data/hercules-3.13/dasdutil.c:579:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suffix = sfxname + strlen(sfxname) - 1;
data/hercules-3.13/dasdutil.c:599:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read (fd, &devhdr, CKDDASD_DEVHDR_SIZE);
data/hercules-3.13/dasdutil.c:1791:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sfname) < 2 || sfname[strlen(sfname)-2] == '_')
data/hercules-3.13/dasdutil.c:1791:46: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sfname) < 2 || sfname[strlen(sfname)-2] == '_')
data/hercules-3.13/dasdutil.c:1793:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suffix = sfname + strlen(sfname) - 1;
data/hercules-3.13/dasdutil.c:2212:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int iLen = (int)strlen(pszdsname);
data/hercules-3.13/decNumber/decNumber.c:2253:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(string, "?");
data/hercules-3.13/decNumber/decNumberLocal.h:71:27: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  #error Maximum digits mismatch
data/hercules-3.13/decNumber/decNumberLocal.h:74:29: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  #error Maximum exponent mismatch
data/hercules-3.13/decNumber/decNumberLocal.h:77:29: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  #error Minimum exponent mismatch
data/hercules-3.13/devtype.h:38:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  DEVRF *read; /* Device Read */
data/hercules-3.13/dfp.c:667:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int)strlen(zd);
data/hercules-3.13/dfp.c:1363:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zwlen = (int)(strlen(zwork));
data/hercules-3.13/dmap2hrc.c:97:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read (infd, (void *)&controller, sizeof(DEVMAP_CTLR));
data/hercules-3.13/dmap2hrc.c:111:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read (infd, (void *)&controller, sizeof(DEVMAP_CTLR));
data/hercules-3.13/dmap2hrc.c:143:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read (infd, (void *)&device, sizeof(DEVMAP_DEV));
data/hercules-3.13/dmap2hrc.c:179:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(output_type, device.type, 4);
data/hercules-3.13/dmap2hrc.c:197:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(output_filename) > 0)
data/hercules-3.13/dyngui.c:239:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((nBytesRead = read( nInputStreamFileNum, pReadBuffer, nMaxBytesToRead )) < 0)
data/hercules-3.13/dyngui.c:2141:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name).
  The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(100000); // (brief delay to give GUI time
data/hercules-3.13/ecpsvm.c:2676:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(nname,"-");
data/hercules-3.13/ecpsvm.c:2680:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(nname,"%");
data/hercules-3.13/ecpsvm.c:2684:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(nname,"+");
data/hercules-3.13/ecpsvm.c:2989:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(cmd)<=strlen(ce->name) && strlen(cmd)>=(size_t)ce->abbrev)
data/hercules-3.13/ecpsvm.c:2989:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(cmd)<=strlen(ce->name) && strlen(cmd)>=(size_t)ce->abbrev)
data/hercules-3.13/ecpsvm.c:2989:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(cmd)<=strlen(ce->name) && strlen(cmd)>=(size_t)ce->abbrev)
data/hercules-3.13/ecpsvm.c:2991:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  clen=strlen(cmd);
data/hercules-3.13/faketape.c:197:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, &fakehdr, sizeof(FAKETAPE_BLKHDR));
data/hercules-3.13/faketape.c:235:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( sblklen, fakehdr.sprvblkl, 4 ); sblklen[4] = 0; sscanf( sblklen, "%x", &prvblkl );
data/hercules-3.13/faketape.c:236:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( sblklen, fakehdr.scurblkl, 4 ); sblklen[4] = 0; sscanf( sblklen, "%x", &curblkl );
data/hercules-3.13/faketape.c:237:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( sblklen, fakehdr.sxorblkl, 4 ); sblklen[4] = 0; sscanf( sblklen, "%x", &xorblkl );
data/hercules-3.13/faketape.c:304:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, buf, curblkl);
data/hercules-3.13/faketape.c:382:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( fakehdr.sprvblkl, sblklen, sizeof(fakehdr.sprvblkl) );
data/hercules-3.13/faketape.c:384:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( fakehdr.scurblkl, sblklen, sizeof(fakehdr.scurblkl) );
data/hercules-3.13/faketape.c:386:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( fakehdr.sxorblkl, sblklen, sizeof(fakehdr.sxorblkl) );
data/hercules-3.13/fbadasd.c:75:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argc == 0 || strlen(argv[0]) > sizeof(dev->filename)-1)
data/hercules-3.13/fbadasd.c:117:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, &devhdr, CKDDASD_DEVHDR_SIZE);
data/hercules-3.13/fbadasd.c:138:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, &cdevhdr, CCKDDASD_DEVHDR_SIZE);
data/hercules-3.13/fbadasd.c:168:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (argv[i]) > 3
data/hercules-3.13/fbadasd.c:182:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dev->dasdsfx = dev->dasdsfn + strlen(dev->dasdsfn);
data/hercules-3.13/fbadasd.c:187:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (argv[i]) > 3
data/hercules-3.13/fbadasd.c:374:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, blkgrp, unitstat);
data/hercules-3.13/fbadasd.c:409:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, blkgrp, unitstat);
data/hercules-3.13/fbadasd.c:445:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, blkgrp, unitstat);
data/hercules-3.13/fbadasd.c:648:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (dev->fd, dev->buf, len);
data/hercules-3.13/fbadasd.c:686:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) (dev, blkgrp, unitstat);
data/hercules-3.13/fbadasd.c:722:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (dev->hnd->read) (dev, -1, &unitstat);
data/hercules-3.13/fbadasd.c:749:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (dev->hnd->read) (dev, -1, &unitstat);
data/hercules-3.13/fbadasd.c:1499:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) ? (dev->hnd->read)(dev, rc, &byte) : -1;
data/hercules-3.13/fbadasd.c:1499:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = (dev->hnd->read) ? (dev->hnd->read)(dev, rc, &byte) : -1;
data/hercules-3.13/fillfnam.c:24:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(ent->d_name, filterarray, strlen(filterarray)) == 0)
data/hercules-3.13/fillfnam.c:77:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(part1, cmdlinefull, i+1);
data/hercules-3.13/fillfnam.c:82:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(part2, cmdlinefull + i + 1, cmdoff - i - 1);
data/hercules-3.13/fillfnam.c:85:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(part2);
data/hercules-3.13/fillfnam.c:108:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(path, part2, strlen(part2)-strlen(filename));
data/hercules-3.13/fillfnam.c:108:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(path, part2, strlen(part2)-strlen(filename));
data/hercules-3.13/fillfnam.c:108:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(path, part2, strlen(part2)-strlen(filename));
data/hercules-3.13/fillfnam.c:109:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path[strlen(part2)-strlen(filename)] = '\0';
data/hercules-3.13/fillfnam.c:109:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path[strlen(part2)-strlen(filename)] = '\0';
data/hercules-3.13/fillfnam.c:146:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(namelist[i]->d_name) + 2);
data/hercules-3.13/fillfnam.c:148:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(namelist[i]->d_name,"/");
data/hercules-3.13/fillfnam.c:153:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buff = (char*)malloc(strlen(namelist[0]->d_name) + 1); /* first one */
data/hercules-3.13/fillfnam.c:156:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len1 = strlen(buff);
data/hercules-3.13/fillfnam.c:157:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len2 = strlen(namelist[i]->d_name);
data/hercules-3.13/fillfnam.c:167:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buff) > strlen(filename)) {
data/hercules-3.13/fillfnam.c:167:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buff) > strlen(filename)) {
data/hercules-3.13/fillfnam.c:170:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fullfilename = (char*)malloc(strlen(path) + strlen(buff) + 1);
data/hercules-3.13/fillfnam.c:170:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fullfilename = (char*)malloc(strlen(path) + strlen(buff) + 1);
data/hercules-3.13/fillfnam.c:181:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *(cmdoffset) = strlen(part1) + strlen(fullfilename);
data/hercules-3.13/fillfnam.c:181:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *(cmdoffset) = strlen(part1) + strlen(fullfilename);
data/hercules-3.13/general2.c:1989:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read; /* Bytes read */
data/hercules-3.13/general2.c:2213:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SET_GR_A(r2, regs, (srce += read) & ADDRESS_MAXWRAP(regs));
data/hercules-3.13/general2.c:2214:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SET_GR_A(r2 + 1, regs, srcelen -= read);
data/hercules-3.13/general2.c:2216:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  xlated += read;
data/hercules-3.13/general2.c:2232:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read; /* Bytes read */
data/hercules-3.13/general2.c:2330:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SET_GR_A(r2, regs, (srce += read) & ADDRESS_MAXWRAP(regs));
data/hercules-3.13/general2.c:2331:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SET_GR_A(r2 + 1, regs, srcelen -= read);
data/hercules-3.13/general2.c:2333:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  xlated += read;
data/hercules-3.13/getopt.c:430:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  current_argv_len = strlen(current_argv);
data/hercules-3.13/getopt.c:438:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(long_options[i].name) ==
data/hercules-3.13/hao.c:197:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dest, &src[i], HAO_WKLEN);
data/hercules-3.13/hao.c:199:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i = strlen(dest); i && dest[i - 1] == ' '; i--);
data/hercules-3.13/hao.c:242:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!strlen(arg))
data/hercules-3.13/hao.c:337:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!strlen(arg))
data/hercules-3.13/hao.c:539:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name).
  The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep( 10 * 1000 );
data/hercules-3.13/hao.c:550:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( &ao_msgbuf[bufamt], msgbuf, msgamt );
data/hercules-3.13/hao.c:597:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (soff + len > strlen(str)) len = strlen(str) - soff;
data/hercules-3.13/hao.c:597:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (soff + len > strlen(str)) len = strlen(str) - soff;
data/hercules-3.13/hao.c:669:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += hao_subst(work, rm[0].rm_eo, strlen(work), cmd, n, sizeof(cmd));
data/hercules-3.13/hconsole.c:345:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *pkblen = strlen( kbbuf ); // inform caller #of chars
data/hercules-3.13/hconsole.c:951:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  kblen = read (keybrd_fd, kbbuf, sizeof(kbbuf)-1);
data/hercules-3.13/hdl.c:195:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fulllen = strlen(filename) + strlen(hdl_modpath) + 2 + HDL_SUFFIX_LENGTH;
data/hercules-3.13/hdl.c:195:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fulllen = strlen(filename) + strlen(hdl_modpath) + 2 + HDL_SUFFIX_LENGTH;
data/hercules-3.13/hdl.c:216:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fullname[strlen(fullname) - HDL_SUFFIX_LENGTH] = '\0';
data/hercules-3.13/hdl.c:233:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fulllen = strlen(filename) + 1 + HDL_SUFFIX_LENGTH;
data/hercules-3.13/hdl.c:248:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fullname[strlen(fullname) - HDL_SUFFIX_LENGTH] = '\0';
data/hercules-3.13/hdl.c:312:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dtname = malloc(strlen(ltype) + sizeof(HDL_HDTP_Q) + 1);
data/hercules-3.13/hdl.c:316:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(n = 0; n < strlen(dtname); n++)
data/hercules-3.13/hercifc.c:74:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read( STDIN_FILENO,
data/hercules-3.13/hercifc.c:199:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write( STDERR_FILENO, szMsgBuffer, strlen( szMsgBuffer ) );
data/hercules-3.13/hercifc.c:208:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write( STDERR_FILENO, szMsgBuffer, strlen( szMsgBuffer ) );
data/hercules-3.13/hercifc.c:233:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write( STDERR_FILENO, szMsgBuffer, strlen( szMsgBuffer ) );
data/hercules-3.13/herclin.c:117:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str)-1]=0;
data/hercules-3.13/history.c:36:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  historyCmdLine = malloc(strlen(cmdline)+1);
data/hercules-3.13/history.c:72:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp->cmdline = (char*) malloc(strlen(cmdline) + 1);
data/hercules-3.13/hmacros.h:24:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define read_tape read
data/hercules-3.13/hmacros.h:37:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define read_pipe(f,b,n) read(f,b,n)
data/hercules-3.13/hmacros.h:398:12: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(1); \
data/hercules-3.13/hsccmd.c:354:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(msgtxt && strlen(msgtxt)>0)
data/hercules-3.13/hsccmd.c:853:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) + strlen(wrk) >= buflen - 4)
data/hercules-3.13/hsccmd.c:853:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) + strlen(wrk) >= buflen - 4)
data/hercules-3.13/hsccmd.c:1585:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen( cwd );
data/hercules-3.13/hsccmd.c:1597:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pTAMDIR->len = strlen (cwd);
data/hercules-3.13/hsccmd.c:1681:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen( tamdir1 );
data/hercules-3.13/hsccmd.c:1689:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen( tamdir2 );
data/hercules-3.13/hsccmd.c:1749:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen( cwd );
data/hercules-3.13/hsccmd.c:1761:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pCurrTAMDIR->len = strlen (cwd);
data/hercules-3.13/hsccmd.c:1830:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(10*1000); // (let thread start/end)
data/hercules-3.13/hsccmd.c:1966:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( volname, tapemsg+1, 6 );
data/hercules-3.13/hsccmd.c:3223:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(cmdline) > 1)
data/hercules-3.13/hsccmd.c:3663:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(argv[1]) >= 1 && strlen(argv[1]) <= 2
data/hercules-3.13/hsccmd.c:3663:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(argv[1]) >= 1 && strlen(argv[1]) <= 2
data/hercules-3.13/hsccmd.c:3667:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sysblk.lparnuml = strlen(argv[1]);
data/hercules-3.13/hsccmd.c:3796:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(j=0;j<(int)strlen(argv[i]) && maxb<MAXPARMSTRING;j++)
data/hercules-3.13/hsccmd.c:4726:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[0]) < 3 || strchr ("+-cdk", argv[0][2]) == NULL)
data/hercules-3.13/hsccmd.c:4738:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[0]) > 3)
data/hercules-3.13/hsccmd.c:5322:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read (fd, buf, 80)) < 0)
data/hercules-3.13/hsccmd.c:7502:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (scrlen = strlen(scrbuf); scrlen && isspace(scrbuf[scrlen-1]); scrlen--);
data/hercules-3.13/hscmisc.c:1439:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int rc = (int)(strlen(SHELL_CMD_SHIM_PGM) + strlen(command) + 1);
data/hercules-3.13/hscmisc.c:1439:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int rc = (int)(strlen(SHELL_CMD_SHIM_PGM) + strlen(command) + 1);
data/hercules-3.13/hscutl.c:114:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(sz<=strlen(wbfr))
data/hercules-3.13/hscutl.c:120:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(bfr,wbfr,sz);
data/hercules-3.13/hscutl.c:234:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(dlen + strlen(s));
data/hercules-3.13/hscutl.c:321:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tok->var=malloc(MIN(MAX_SYMBOL_SIZE+1,strlen(sym)+1));
data/hercules-3.13/hscutl.c:327:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(tok->var,sym,MIN(MAX_SYMBOL_SIZE+1,strlen(sym)+1));
data/hercules-3.13/hscutl.c:327:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(tok->var,sym,MIN(MAX_SYMBOL_SIZE+1,strlen(sym)+1));
data/hercules-3.13/hscutl.c:346:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tok->val=malloc(strlen(value)+1);
data/hercules-3.13/hscutl.c:430:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  resstr=malloc(strlen(text)+1);
data/hercules-3.13/hscutl.c:480:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  resstr=malloc(strlen(text)+1);
data/hercules-3.13/hscutl.c:819:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc=hwrite(s,bfr,strlen(bfr));
data/hercules-3.13/hsocket.c:59:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nread = read(fd, ptr, nleft);
data/hercules-3.13/httpserv.c:274:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pointer+1, pointer+3, strlen(pointer+3)+1);
data/hercules-3.13/httpserv.c:354:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp( sysblk.httproot, resolved_path, strlen(sysblk.httproot)))
data/hercules-3.13/httpserv.c:457:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((length = read(fd, buffer, sizeof(buffer))) > 0)
data/hercules-3.13/httpserv.c:691:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = strlen(absolute_httproot_path);
data/hercules-3.13/impl.c:160:13: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(10000);
data/hercules-3.13/impl.c:273:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name).
The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep( 10 * 1000 ); data/hercules-3.13/impl.c:282:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep( 10 * 1000 ); data/hercules-3.13/impl.c:409:13: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(10000); /* (give logger thread time to issue data/hercules-3.13/impl.c:670:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(10000); data/hercules-3.13/loadparm.c:24:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = 0; name && i < strlen(name) && i < len; i++) data/hercules-3.13/loadparm.c:44:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for(i = 0; name && i < strlen(name) && i < sizeof(loadparm); i++) data/hercules-3.13/loadparm.c:90:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = 0; name && i < strlen(name) && i < sizeof(lparname); i++) data/hercules-3.13/loadparm.c:138:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = 0; name && i < strlen(name) && i < sizeof(manufact); i++) data/hercules-3.13/loadparm.c:165:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = 0; name && i < strlen(name) && i < sizeof(plant); i++) data/hercules-3.13/logger.c:162:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t term_msg_len = strlen(term_msg); data/hercules-3.13/logger.c:216:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). logger_logfile_write( hhmmss, strlen(hhmmss) ); data/hercules-3.13/logger.c:414:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t term_msg_len = strlen(term_msg); data/hercules-3.13/logmsg.c:255:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
write_pipe( logger_syslogfd[LOG_WRITE], msg, strlen(msg) ); data/hercules-3.13/logmsg.c:263:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write_pipe( logger_syslogfd[LOG_WRITE], msg, strlen(msg) ); data/hercules-3.13/logmsg.c:290:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cd->sz=strlen(msg)+1; data/hercules-3.13/logmsg.c:296:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cd->sz+=strlen(msg); data/hercules-3.13/losc.c:51:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strncasecmp(ostype, *lictype, strlen(*lictype))) data/hercules-3.13/ltdl.c:102:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define LT_D_NAMLEN(dirent) (strlen((dirent)->d_name)) data/hercules-3.13/ltdl.c:105:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define LT_D_NAMLEN(dirent) (strlen((dirent)->d_name)) data/hercules-3.13/ltdl.c:274:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = LT_DLMALLOC (char, 1+ strlen (str)); data/hercules-3.13/ltdl.c:456:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
(void) strncpy(file_specification,path,LT_FILENAME_MAX-1); data/hercules-3.13/ltdl.c:457:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. (void) strcat(file_specification,"\\"); data/hercules-3.13/ltdl.c:495:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(entry->file_info.d_name,entry->Win32FindData.cFileName, data/hercules-3.13/ltdl.c:497:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entry->file_info.d_namlen = strlen(entry->file_info.d_name); data/hercules-3.13/ltdl.c:1658:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!errstr || !strlen(errstr)) errstr = othererror; data/hercules-3.13/ltdl.c:1911:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(saveError, lt_int_dyld_error(LT_DLSTRERROR(SYMBOL_NOT_FOUND)), 255); data/hercules-3.13/ltdl.c:3012:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, &str[1], (end - str) - 1); data/hercules-3.13/ltdl.c:3104:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (dir, canonical, dirlen); data/hercules-3.13/ltdl.c:3479:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tmp = LT_EMALLOC (char, len + strlen (archive_ext) + 1); data/hercules-3.13/ltdl.c:3500:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (LT_STRLEN (shlib_ext) > strlen (archive_ext)) data/hercules-3.13/ltdl.c:3637:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (buf, "/"); data/hercules-3.13/ltdl.c:3638:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat (buf, dp->d_name, end_offset); data/hercules-3.13/ltdl.c:3995:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert (before - *ppath <= (int)strlen (*ppath)); data/hercules-3.13/ltdl.h:89:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define LT_STRLEN(s) (((s) && (s)[0]) ? strlen (s) : 0) data/hercules-3.13/omatape.c:69:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (pathlen = strlen(dev->filename); pathlen > 0; ) data/hercules-3.13/omatape.c:119:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
rc = read (fd, tdfbuf, tdfsize); data/hercules-3.13/omatape.c:212:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pathlen + 1 + strlen(tdffilenm) data/hercules-3.13/omatape.c:224:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int)strlen(tdffilenm); i++) data/hercules-3.13/omatape.c:246:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (tdftab[filecount].filename, dev->filename, pathlen); data/hercules-3.13/omatape.c:448:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (dev->fd, &omahdr, sizeof(omahdr)); data/hercules-3.13/omatape.c:551:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (dev->fd, buf, curblkl); data/hercules-3.13/omatape.c:617:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). blklen = read (dev->fd, buf, omadesc->blklen); data/hercules-3.13/omatape.c:693:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (dev->fd, &c, 1); data/hercules-3.13/opcode.c:1434:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)(23-strlen(mnemonic)),operands,name) data/hercules-3.13/panel.c:203:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
#define CMD_PREFIX_LEN (strlen(CMD_PREFIX_STR)) data/hercules-3.13/panel.c:690:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdlen = strlen(cmdline); data/hercules-3.13/panel.c:701:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdlen = strlen(cmdline); data/hercules-3.13/panel.c:822:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text); data/hercules-3.13/panel.c:922:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:923:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:1564:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). online = (dev->console && dev->connected) || strlen(dev->filename) > 0; data/hercules-3.13/panel.c:1628:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy (NPdevnam[i], ""); data/hercules-3.13/panel.c:1637:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(NPprompt1) > 0) data/hercules-3.13/panel.c:1640:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). set_pos (cons_rows, (40 - strlen(NPprompt1)) / 2); data/hercules-3.13/panel.c:1655:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(NPprompt2) > 0) data/hercules-3.13/panel.c:1787:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(grps[0],"0"); data/hercules-3.13/panel.c:1810:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(obfr,","); data/hercules-3.13/panel.c:1997:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). kblen = read (keybfd, kbbuf, kbbufsize-1); data/hercules-3.13/panel.c:2103:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPentered, ""); data/hercules-3.13/panel.c:2118:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPentered, ""); data/hercules-3.13/panel.c:2132:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2138:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2151:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2157:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2170:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2184:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(NPentered, ""); data/hercules-3.13/panel.c:2198:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:2211:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:2224:29: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:2237:25: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:2238:25: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2472:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdlen = strlen(cmdline); data/hercules-3.13/panel.c:2531:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cmdlen = strlen(cmdline); data/hercules-3.13/panel.c:2547:37: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:2552:37: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt1, ""); data/hercules-3.13/panel.c:2555:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cmdline) < 1) { data/hercules-3.13/panel.c:2558:37: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPdevnam[NPasgn], ""); data/hercules-3.13/panel.c:2562:37: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(NPprompt2, ""); data/hercules-3.13/panel.c:2752:13: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. 
usleep(10000); data/hercules-3.13/panel.c:2955:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (len + (int)strlen(ibuf) < cons_cols) data/hercules-3.13/panel.c:2956:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = cons_cols - strlen(ibuf); data/hercules-3.13/pfpo.c:95:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(f->str, "0"); data/hercules-3.13/pfpo.c:120:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:122:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "0"); data/hercules-3.13/pfpo.c:127:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:129:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(f->str, "0"); data/hercules-3.13/pfpo.c:132:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "@"); data/hercules-3.13/pfpo.c:134:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%d", exp - 127); data/hercules-3.13/pfpo.c:136:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:179:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(f->str, "0"); data/hercules-3.13/pfpo.c:204:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:206:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(f->str, "0"); data/hercules-3.13/pfpo.c:211:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:213:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "0"); data/hercules-3.13/pfpo.c:216:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "@"); data/hercules-3.13/pfpo.c:218:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%d", exp - 1023); data/hercules-3.13/pfpo.c:220:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:265:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(f->str, "0"); data/hercules-3.13/pfpo.c:290:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:292:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "0"); data/hercules-3.13/pfpo.c:297:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:299:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "0"); data/hercules-3.13/pfpo.c:306:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:308:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "0"); data/hercules-3.13/pfpo.c:311:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(f->str, "@"); data/hercules-3.13/pfpo.c:313:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%d", exp - 16383); data/hercules-3.13/pfpo.c:315:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "1"); data/hercules-3.13/pfpo.c:441:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(f->str, "0"); data/hercules-3.13/pfpo.c:452:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%02x", (r & mask) >> (16 - (i * 8))); data/hercules-3.13/pfpo.c:455:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "@"); data/hercules-3.13/pfpo.c:456:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%d", exp - 64); data/hercules-3.13/pfpo.c:482:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(f->str, "0"); data/hercules-3.13/pfpo.c:493:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%02"I64_FMT"x", (r & mask) >> (48 - (i * 8))); data/hercules-3.13/pfpo.c:496:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "@"); data/hercules-3.13/pfpo.c:497:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%d", exp - 64); data/hercules-3.13/pfpo.c:525:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(f->str, "0"); data/hercules-3.13/pfpo.c:536:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%02"I64_FMT"x", (h & mask) >> (48 - (i * 8))); data/hercules-3.13/pfpo.c:542:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(&f->str[strlen(f->str)], "%02"I64_FMT"x", (l & mask) >> (48 - (i * 8))); data/hercules-3.13/pfpo.c:545:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(f->str, "@"); data/hercules-3.13/pfpo.c:546:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(&f->str[strlen(f->str)], "%d", exp - 64); data/hercules-3.13/printer.c:191:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) + strlen(wrk) >= buflen - 4) data/hercules-3.13/printer.c:191:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) + strlen(wrk) >= buflen - 4) data/hercules-3.13/printer.c:328:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (argc == 0 || strlen(argv[0]) > sizeof(dev->filename)-1) data/hercules-3.13/printer.c:336:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (dev->filename, argv[0], sizeof(dev->filename)); data/hercules-3.13/printer.c:1084:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
write_buffer(dev, eor, strlen(eor), unitstat); data/hercules-3.13/printer.c:1138:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write_buffer(dev, eor, strlen(eor), unitstat); data/hercules-3.13/pttrace.c:210:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncasecmp("to=", argv[0], 3) == 0 && strlen(argv[0]) > 3 data/hercules-3.13/pttrace.c:232:21: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(1000); data/hercules-3.13/scedasd.c:107:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp( sce_basedir, fullpath, strlen(sce_basedir))) data/hercules-3.13/scedasd.c:113:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp( sce_basedir, fullpath, strlen(sce_basedir))) data/hercules-3.13/scedasd.c:261:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(fd, sysblk.mainstor + pageaddr, pagesize); data/hercules-3.13/scedasd.c:466:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
nread = read(fd, page, STORAGE_KEY_PAGESIZE); data/hercules-3.13/service.c:178:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(command) < 1) data/hercules-3.13/service.c:188:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (servc_scpcmdstr, command, sizeof(servc_scpcmdstr)); data/hercules-3.13/service.c:257:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). event_msglen = strlen(servc_scpcmdstr); data/hercules-3.13/shared.c:123:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (argc < 1 || strlen(argv[0]) >= sizeof(buf)) data/hercules-3.13/shared.c:155:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (port && strlen(port)) data/hercules-3.13/shared.c:163:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (rmtnum && strlen(rmtnum)) data/hercules-3.13/shared.c:165:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (rmtnum) > 4 data/hercules-3.13/shared.c:189:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen (argv[i]) > 3 data/hercules-3.13/shared.c:198:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (argv[i]) > 5 data/hercules-3.13/shared.c:402:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (argc < 1 || strlen(argv[0]) >= sizeof(buf)) data/hercules-3.13/shared.c:435:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (rmtnum) > 4 data/hercules-3.13/shared.c:446:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (argv[i]) > 5 data/hercules-3.13/shared.c:851:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = (dev->hnd->read) (dev, trk, unitstat); data/hercules-3.13/shared.c:1048:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = (dev->hnd->read) (dev, blkgrp, unitstat); data/hercules-3.13/shared.c:1343:30: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. if (rc < 0 && retry) usleep (20000); data/hercules-3.13/shared.c:1971:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
rc = (dev->hnd->read) (dev, rcd, &flag); data/hercules-3.13/shared.c:2165:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(msg) + 1; data/hercules-3.13/shared.c:2666:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsnprintf ((char *)s + strlen(s), sizeof(s) - strlen(s), data/hercules-3.13/shared.c:2666:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsnprintf ((char *)s + strlen(s), sizeof(s) - strlen(s), data/hercules-3.13/shared.c:2903:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (argc != 2 || strlen(argv[1]) > 255) data/hercules-3.13/sllib.c:639:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). switch( strlen( src ) ) data/hercules-3.13/sllib.c:939:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( volser ); data/hercules-3.13/sllib.c:952:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( owner ); data/hercules-3.13/sllib.c:1104:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( dsn ); data/hercules-3.13/sllib.c:1138:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( volser ); data/hercules-3.13/sllib.c:1446:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( jobname ); data/hercules-3.13/sllib.c:1452:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( stepname ); data/hercules-3.13/sllib.c:1483:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( trtch ); data/hercules-3.13/sllib.c:1641:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( data ); data/hercules-3.13/sockdev.c:78:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (path) > sizeof(addr.sun_path) - 1) data/hercules-3.13/sr.c:33:17: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(50000); data/hercules-3.13/sr.c:88:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). 
The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep (1000); data/hercules-3.13/sr.c:101:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep (1000); data/hercules-3.13/sr.c:115:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep (10000); data/hercules-3.13/sr.h:515:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen((_s)) + 1 > SR_MAX_STRING_LENGTH) SR_STRING_ERROR; \ data/hercules-3.13/sr.h:516:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SR_WRITE_HDR((_file), (_key), strlen((_s)) + 1); \ data/hercules-3.13/sr.h:517:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _rc = SR_WRITE((_s), 1, strlen((_s)) + 1, (_file)); \ data/hercules-3.13/sr.h:518:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (_rc != strlen((_s)) + 1) SR_WRITE_ERROR; \ data/hercules-3.13/tapeccws.c:732:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((len = dev->tmh->read( dev, iobuf, unitstat, code)) < 0) data/hercules-3.13/tapeccws.c:927:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((len = dev->tmh->read( dev, iobuf, unitstat, code )) < 0) data/hercules-3.13/tapeccws.c:3241:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). RESIDUAL_CALC (strlen(dev->filename)); data/hercules-3.13/tapecopy.c:126:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/hercules-3.13/tapecopy.c:317:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (diskfd, &awshdr, sizeof(AWSTAPE_BLKHDR)); data/hercules-3.13/tapecopy.c:347:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (diskfd, bufptr, blksize); data/hercules-3.13/tapecopy.c:522:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || ( strlen( argv[1] ) > 5 && strnfilenamecmp( argv[1], "/dev/", 5 ) == 0 ) data/hercules-3.13/tapecopy.c:523:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| ( strlen( argv[1] ) > 4 && strnfilenamecmp( argv[1], "\\\\.\\", 4 ) == 0 ) data/hercules-3.13/tapecopy.c:541:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || ( strlen( argv[2] ) > 5 && strnfilenamecmp( argv[2], "/dev/", 5 ) == 0 ) data/hercules-3.13/tapecopy.c:542:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || ( strlen( argv[2] ) > 4 && strnfilenamecmp( argv[2], "\\\\.\\", 4 ) == 0 ) data/hercules-3.13/tapecopy.c:585:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(50000); data/hercules-3.13/tapecopy.c:598:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(50000); data/hercules-3.13/tapecopy.c:611:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(50000); data/hercules-3.13/tapedev.c:901:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
&& (rc = strlen(dev->filename)) > 4 data/hercules-3.13/tapedev.c:909:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (rc = strlen(dev->filename)) > 4 data/hercules-3.13/tapedev.c:917:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (rc = strlen(dev->filename)) > 4 data/hercules-3.13/tapedev.c:925:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (rc = strlen(dev->filename)) > 4 data/hercules-3.13/tapedev.c:934:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (rc = strlen(dev->filename)) > 5 data/hercules-3.13/tapedev.c:986:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (fd, hdr, sizeof(hdr)); data/hercules-3.13/tapedev.c:1178:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (argc == 0 || strlen(argv[0]) > sizeof(dev->filename)-1) data/hercules-3.13/tapedev.c:1810:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( volser, tapemsg+1, 6 ); volser[6]=0; data/hercules-3.13/tapedev.c:2137:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for(i=(strlen(rec)-1);isspace(rec[i]) && i>=0;i--) data/hercules-3.13/tapedev.c:2141:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(rec)==0) data/hercules-3.13/tapedev.c:2245:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dev->al_argv[dev->al_argc]=(char *)malloc(strlen(par)+sizeof(char)); data/hercules-3.13/tapedev.c:2263:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tae.filename=malloc(strlen(fn)+sizeof(char)+1); data/hercules-3.13/tapedev.c:2271:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tae.argv[tae.argc]=malloc(strlen(p)+sizeof(char)+1); data/hercules-3.13/tapedev.c:2372:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pars[pcount]=malloc(strlen(dev->al_argv[i])+10); data/hercules-3.13/tapedev.c:2381:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pars[pcount]=malloc(strlen(dev->als[alix].argv[i])+10); data/hercules-3.13/tapedev.h:342:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int (*read) (DEVBLK*, BYTE *buf, BYTE *unitstat, BYTE code); data/hercules-3.13/tapemap.c:114:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
len = read (infd, buf, sizeof(AWSTAPE_BLKHDR)); data/hercules-3.13/tapemap.c:166:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read (infd, buf, curblkl); data/hercules-3.13/tapesplt.c:137:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read (infd, buf, sizeof(AWSTAPE_BLKHDR)); data/hercules-3.13/tapesplt.c:211:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read (infd, buf, curblkl); data/hercules-3.13/timer.c:274:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep ( sysblk.timerint ); data/hercules-3.13/tuntap.c:117:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read (ifd[1], &ctlreq, CTLREQ_SIZE); data/hercules-3.13/tuntap.c:258:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( pszNetDevName, ++p, IFNAMSIZ ); data/hercules-3.13/tuntap.h:88:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define TUNTAP_Read read data/hercules-3.13/vm.c:1170:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). resplen = strlen(dresp); data/hercules-3.13/w32ctca.c:52:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
TT32_PROCADDRS ( read ); data/hercules-3.13/w32ctca.c:72:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). GET_TT32_PROCADDRS ( read ); data/hercules-3.13/w32stape.c:189:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(pszTapeDevNum) == 1 data/hercules-3.13/w32util.c:534:16: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. DLL_EXPORT int usleep ( useconds_t useconds ) data/hercules-3.13/w32util.c:771:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pattern = (char*)malloc(strlen(dir) + 3 +1 +1); data/hercules-3.13/w32util.c:773:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pattern[ strlen(pattern) - 1] != '\\') data/hercules-3.13/w32util.c:774:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(pattern, "\\"); data/hercules-3.13/w32util.c:1102:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t inlen = strlen(inpath); data/hercules-3.13/w32util.c:1201:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(dirbuf) ? 1 : 0; data/hercules-3.13/w32util.c:1985:17: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep( pTimeVal->tv_usec ); data/hercules-3.13/w32util.c:2354:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_overflow_msg_len = strlen( buffer_overflow_msg ); data/hercules-3.13/w32util.c:2450:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(pszCommandLine) + 1; data/hercules-3.13/w32util.c:2817:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nNewStrLen = strlen( pbeg ); data/hercules-3.13/w32util.c:2877:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*pnHoldAmount = (int)strlen(pbeg)) > 0) // new amount of data remaining data/hercules-3.13/w32util.h:79:22: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. 
W32_DLL_IMPORT int usleep ( useconds_t useconds );

ANALYSIS SUMMARY:

Hits = 2304
Lines analyzed = 261713 in approximately 6.97 seconds (37562 lines/second)
Physical Source Lines of Code (SLOC) = 175190
Hits@level = [0] 863 [1] 593 [2] 1371 [3] 77 [4] 263 [5] 0
Hits@level+ = [0+] 3167 [1+] 2304 [2+] 1711 [3+] 340 [4+] 263 [5+] 0
Hits/KSLOC@level+ = [0+] 18.0775 [1+] 13.1514 [2+] 9.76654 [3+] 1.94075 [4+] 1.50123 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.