Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/inform6-compiler-6.33/arrays.c
Examining data/inform6-compiler-6.33/asm.c
Examining data/inform6-compiler-6.33/bpatch.c
Examining data/inform6-compiler-6.33/chars.c
Examining data/inform6-compiler-6.33/directs.c
Examining data/inform6-compiler-6.33/errors.c
Examining data/inform6-compiler-6.33/expressc.c
Examining data/inform6-compiler-6.33/expressp.c
Examining data/inform6-compiler-6.33/files.c
Examining data/inform6-compiler-6.33/header.h
Examining data/inform6-compiler-6.33/inform.c
Examining data/inform6-compiler-6.33/lexer.c
Examining data/inform6-compiler-6.33/linker.c
Examining data/inform6-compiler-6.33/memory.c
Examining data/inform6-compiler-6.33/objects.c
Examining data/inform6-compiler-6.33/states.c
Examining data/inform6-compiler-6.33/symbols.c
Examining data/inform6-compiler-6.33/syntax.c
Examining data/inform6-compiler-6.33/tables.c
Examining data/inform6-compiler-6.33/text.c
Examining data/inform6-compiler-6.33/veneer.c
Examining data/inform6-compiler-6.33/verbs.c

FINAL RESULTS:

data/inform6-compiler-6.33/inform.c:1654:12: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    while (gets(buffer1)==NULL); cli_file1=buffer1;
data/inform6-compiler-6.33/inform.c:1656:12: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    while (gets(buffer2)==NULL); cli_file2=buffer2;
data/inform6-compiler-6.33/inform.c:1661:16: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    while (gets(buffer3)==NULL); execute_icl_command(buffer3);
data/inform6-compiler-6.33/asm.c:654:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(q, "%s", opco.name);
data/inform6-compiler-6.33/asm.c:678:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(q+strlen(q), "%s", p);
data/inform6-compiler-6.33/asm.c:702:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(q, "%s", opco.name);
data/inform6-compiler-6.33/asm.c:703:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(q+strlen(q), " <%d operand%s", opco.no,
data/inform6-compiler-6.33/asm.c:1494:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fnt, "[ %s(", name);
data/inform6-compiler-6.33/asm.c:1502:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fnt, "%s%s = ", (i==1)?"":", ", variable_name(i));
data/inform6-compiler-6.33/asm.c:1560:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fnt, "[ %s(", name);
data/inform6-compiler-6.33/asm.c:1568:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fnt, "%s%s = ", (ix==1)?"":", ", variable_name(ix));
data/inform6-compiler-6.33/asm.c:1581:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fnt, "%s = ", variable_name(1));
data/inform6-compiler-6.33/directs.c:739:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(serial_code_buffer, token_text);
data/inform6-compiler-6.33/files.c:116:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(filename_storage_p, name);
data/inform6-compiler-6.33/files.c:608:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(settype_command, "settype %s %s",
data/inform6-compiler-6.33/files.c:610:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    system(settype_command);
data/inform6-compiler-6.33/files.c:1143:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(settype_command, "settype %s %s",
data/inform6-compiler-6.33/files.c:1145:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    system(settype_command);
data/inform6-compiler-6.33/files.c:1185:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(topline_buffer, "Transcript of the text of \"%s\"\n\
data/inform6-compiler-6.33/files.c:1201:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(botline_buffer, "\n[End of transcript: release %d.%s]\n",
data/inform6-compiler-6.33/files.c:1212:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(settype_command, "settype %s text",
data/inform6-compiler-6.33/files.c:1214:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    system(settype_command);
data/inform6-compiler-6.33/files.c:1262:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    vfprintf(Debug_fp, format, argument_pointer);
data/inform6-compiler-6.33/header.h:408:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define snprintf _snprintf
data/inform6-compiler-6.33/header.h:408:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define snprintf _snprintf
data/inform6-compiler-6.33/inform.c:574:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(new_name,"%s%s", old_name, extension);
data/inform6-compiler-6.33/inform.c:577:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(new_name, prefix_path + start_pos);
data/inform6-compiler-6.33/inform.c:584:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(new_name + x, "%s%s", old_name, extension);
data/inform6-compiler-6.33/inform.c:665:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(current_source_path, new_name);
data/inform6-compiler-6.33/inform.c:721:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(new_name, old_name); return;
data/inform6-compiler-6.33/inform.c:913:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(old_name, Source_Path);
data/inform6-compiler-6.33/inform.c:928:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(Source_Path, old_name);
data/inform6-compiler-6.33/inform.c:949:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(p,"%s%s%d", Temporary_Path, Temporary_File, i);
data/inform6-compiler-6.33/inform.c:1082:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(Source_Name, file1); convert_filename_flag = TRUE;
data/inform6-compiler-6.33/inform.c:1083:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(Code_Name, file1);
data/inform6-compiler-6.33/inform.c:1085:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(Code_Name, file2); convert_filename_flag = FALSE;
data/inform6-compiler-6.33/inform.c:1606:19: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    case '(': strcpy(cli_buff,p+1); cli_buff[strlen(cli_buff)-1]=0;
data/inform6-compiler-6.33/inform.c:1635:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(banner_line, RELEASE_SUFFIX);
data/inform6-compiler-6.33/inform.c:1638:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(banner_line+strlen(banner_line), " for %s", MACHINE_STRING);
data/inform6-compiler-6.33/inform.c:1640:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(banner_line+strlen(banner_line), " (%s)", RELEASE_DATE);
data/inform6-compiler-6.33/lexer.c:654:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(p, q);
data/inform6-compiler-6.33/lexer.c:1699:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(veneer_error_title, "<veneer routine '%s'>", name);
data/inform6-compiler-6.33/linker.c:234:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(link_errorm,
data/inform6-compiler-6.33/linker.c:242:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(link_errorm,
data/inform6-compiler-6.33/linker.c:512:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(current_module_filename, given_filename);
data/inform6-compiler-6.33/linker.c:629:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
    sprintf(link_banner,
data/inform6-compiler-6.33/memory.c:169:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(chunk_name_buffer, "%s chunk %d", p, no);
data/inform6-compiler-6.33/objects.c:1072:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(already_error,
data/inform6-compiler-6.33/objects.c:1129:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_b,
data/inform6-compiler-6.33/objects.c:1160:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(embedded_name,
data/inform6-compiler-6.33/objects.c:1165:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(embedded_name,
data/inform6-compiler-6.33/objects.c:1341:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(already_error,
data/inform6-compiler-6.33/objects.c:1393:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_b,
data/inform6-compiler-6.33/objects.c:1427:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(embedded_name,
data/inform6-compiler-6.33/objects.c:1432:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(embedded_name,
data/inform6-compiler-6.33/objects.c:1777:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(shortname_buffer, token_text);
data/inform6-compiler-6.33/objects.c:1882:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(duplicate_name, "%s_1", shortname_buffer);
data/inform6-compiler-6.33/objects.c:1972:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(internal_name, token_text);
data/inform6-compiler-6.33/objects.c:2035:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(shortname_buffer, "(%s)",
data/inform6-compiler-6.33/symbols.c:225:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy((char *) symbols_free_space, p);
data/inform6-compiler-6.33/symbols.c:389:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:394:29: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string+strlen(idname_string),
data/inform6-compiler-6.33/symbols.c:405:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:414:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:419:29: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string+strlen(idname_string),
data/inform6-compiler-6.33/symbols.c:430:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:437:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:455:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:466:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:474:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:481:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[named_routine_symbols[i]]);
data/inform6-compiler-6.33/symbols.c:490:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/tables.c:102:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(buffer, serial_code_buffer);
data/inform6-compiler-6.33/tables.c:670:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(memory_full_error,
data/inform6-compiler-6.33/tables.c:1156:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(abbrev_string,
data/inform6-compiler-6.33/tables.c:1845:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(abbrev_string,
data/inform6-compiler-6.33/text.c:149:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(p,p1); strcpy(p1,p2); strcpy(p2,p);
data/inform6-compiler-6.33/text.c:149:35: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(p,p1); strcpy(p1,p2); strcpy(p2,p);
data/inform6-compiler-6.33/text.c:149:50: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(p,p1); strcpy(p1,p2); strcpy(p2,p);
data/inform6-compiler-6.33/text.c:203:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy((char *)abbreviations_at
data/inform6-compiler-6.33/text.c:410:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(all_text_top, "%s\n\n", s_text);
data/inform6-compiler-6.33/veneer.c:2336:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(veneer_source_area, VRs[i].source1);
data/inform6-compiler-6.33/veneer.c:2337:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(veneer_source_area, VRs[i].source2);
data/inform6-compiler-6.33/veneer.c:2338:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(veneer_source_area, VRs[i].source3);
data/inform6-compiler-6.33/veneer.c:2339:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(veneer_source_area, VRs[i].source4);
data/inform6-compiler-6.33/veneer.c:2340:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(veneer_source_area, VRs[i].source5);
data/inform6-compiler-6.33/veneer.c:2341:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(veneer_source_area, VRs[i].source6);
data/inform6-compiler-6.33/verbs.c:136:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(action_sub, "%s__A", token_text);
data/inform6-compiler-6.33/verbs.c:173:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(action_sub, "%s__A", name);
data/inform6-compiler-6.33/verbs.c:218:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    { strcpy(action_name, (char *) symbs[action_symbol[i]]);
data/inform6-compiler-6.33/verbs.c:220:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(action_sub, action_name);
data/inform6-compiler-6.33/verbs.c:340:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(English_verb_list_top+3, English_verb);
data/inform6-compiler-6.33/files.c:85:7: [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.
    char *realpath(const char *path, char *resolved_path)
data/inform6-compiler-6.33/files.c:127:13: [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.
    if (realpath(name, absolute_name))
data/inform6-compiler-6.33/asm.c:69:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char opcode_syntax_string[128]; /* Text buffer holding the correct
data/inform6-compiler-6.33/asm.c:208:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    return ((char *) symbs[variable_tokens[i]]);
data/inform6-compiler-6.33/asm.c:663:20: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    { case TEXT: sprintf(q+strlen(q), " <text>"); return;
data/inform6-compiler-6.33/asm.c:664:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    case LABEL: sprintf(q+strlen(q), " <label>"); return;
data/inform6-compiler-6.33/asm.c:666:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(q+strlen(q), " <variable>");
data/inform6-compiler-6.33/asm.c:668:38: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    if (opco.op_rules==CALL) sprintf(q+strlen(q), " <routine>");
data/inform6-compiler-6.33/asm.c:679:33: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    if ((opco.flags & St) != 0) sprintf(q+strlen(q), " -> <result-variable>");
data/inform6-compiler-6.33/asm.c:680:33: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    if ((opco.flags & Br) != 0) sprintf(q+strlen(q), " ?[~]<label>");
data/inform6-compiler-6.33/asm.c:707:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(cx, ": ");
data/inform6-compiler-6.33/asm.c:716:21: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(cx, "Lb");
data/inform6-compiler-6.33/asm.c:735:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(cx, "%d", ix+1);
data/inform6-compiler-6.33/asm.c:1469:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    { char fnt[256]; assembly_operand PV, RFA, CON, STP, SLF; int ln, ln2;
data/inform6-compiler-6.33/asm.c:1508:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fnt, ") ]^"); AI.text = fnt;
data/inform6-compiler-6.33/asm.c:1549:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fnt[256];
data/inform6-compiler-6.33/asm.c:1747:22: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    (char *) symbs[j], slines[j]);
data/inform6-compiler-6.33/asm.c:1750:44: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    dbnu_warning("Label", (char *) symbs[j], slines[j]);
data/inform6-compiler-6.33/asm.c:2710:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    custom_opcode_z.code = atoi(token_text+i);
data/inform6-compiler-6.33/asm.c:2722:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    { char range[32];
data/inform6-compiler-6.33/asm.c:2723:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(range, "%d to %d", min, max-1);
data/inform6-compiler-6.33/asm.c:2736:56: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    case 'F': custom_opcode_z.flags2_set = atoi(token_text+i);
data/inform6-compiler-6.33/asm.c:3017:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    custom_opcode_g.code = atoi(cx);
data/inform6-compiler-6.33/bpatch.c:113:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    (char *) symbs[value], slines[value]);
data/inform6-compiler-6.33/bpatch.c:126:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    (char *) symbs[value]);
data/inform6-compiler-6.33/bpatch.c:260:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    (char *) symbs[value], slines[value]);
data/inform6-compiler-6.33/bpatch.c:273:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    (char *) symbs[value]);
data/inform6-compiler-6.33/chars.c:99:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char alphabet_used[78]; /* Flags (holding 'N' or 'Y') for
data/inform6-compiler-6.33/chars.c:282:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char cs_buff[256];
data/inform6-compiler-6.33/chars.c:286:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    charset_file=fopen(Charset_Map, "r");
data/inform6-compiler-6.33/chars.c:307:40: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    uccg[i++] = (uchar)atoi(p);
data/inform6-compiler-6.33/chars.c:1145:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    { char uac[4];
data/inform6-compiler-6.33/chars.c:1203:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "@{%x}", unicode); data/inform6-compiler-6.33/chars.c:1274:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) alphabet[0], "abcdefghijklmnopqrstuvwxyz"); data/inform6-compiler-6.33/chars.c:1274:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strcpy((char *) alphabet[0], "abcdefghijklmnopqrstuvwxyz"); data/inform6-compiler-6.33/chars.c:1275:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) alphabet[1], "ABCDEFGHIJKLMNOPQRSTUVWXYZ"); data/inform6-compiler-6.33/chars.c:1275:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strcpy((char *) alphabet[1], "ABCDEFGHIJKLMNOPQRSTUVWXYZ"); data/inform6-compiler-6.33/chars.c:1276:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) alphabet[2], " ^0123456789.,!?_#'~/\\-:()"); data/inform6-compiler-6.33/chars.c:1276:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strcpy((char *) alphabet[2], " ^0123456789.,!?_#'~/\\-:()"); data/inform6-compiler-6.33/directs.c:365:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). { i = atoi(token_text+3); data/inform6-compiler-6.33/directs.c:806:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. assemble_routine_header(k, FALSE, (char *) symbs[i], FALSE, i), data/inform6-compiler-6.33/directs.c:944:84: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { error_named("Cannot Undef a symbol which is not a defined constant:", (char *)symbs[token_value]); data/inform6-compiler-6.33/errors.c:13:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char error_message_buff[ERROR_BUFLEN+4]; /* room for ellipsis */ data/inform6-compiler-6.33/errors.c:71:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(error_message_buff, "..."); data/inform6-compiler-6.33/errors.c:176:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(forerrors_buff+68," ...etc"); data/inform6-compiler-6.33/expressc.c:437:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. t = (char *) (symbs[AO.value]); data/inform6-compiler-6.33/expressc.c:807:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. t = (char *) (symbs[AO.value]); data/inform6-compiler-6.33/expressp.c:13:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char separators_to_operators[103]; data/inform6-compiler-6.33/expressp.c:14:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char conditionals_to_operators[7]; data/inform6-compiler-6.33/expressp.c:15:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char token_type_allowable[301]; data/inform6-compiler-6.33/expressp.c:1304:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char folding_error[40]; data/inform6-compiler-6.33/expressp.c:1310:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(folding_error, "%d + %d = %d", ov1, ov2, x); data/inform6-compiler-6.33/expressp.c:1313:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(folding_error, "%d - %d = %d", ov1, ov2, x); data/inform6-compiler-6.33/expressp.c:1316:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(folding_error, "%d * %d = %d", ov1, ov2, x); data/inform6-compiler-6.33/expressp.c:1519:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) operators[opnum_below].description); data/inform6-compiler-6.33/files.c:77:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char Temp1_Name[PATHLEN], Temp2_Name[PATHLEN], Temp3_Name[PATHLEN]; data/inform6-compiler-6.33/files.c:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PATHLEN]; data/inform6-compiler-6.33/files.c:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char absolute_name[PATHLEN]; data/inform6-compiler-6.33/files.c:109:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). handle = fopen(name,"r"); data/inform6-compiler-6.33/files.c:323:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { FILE *fin; char new_name[PATHLEN]; data/inform6-compiler-6.33/files.c:352:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
sf_handle = fopen(new_name,"wb"); data/inform6-compiler-6.33/files.c:379:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(Temp2_Name,"rb"); data/inform6-compiler-6.33/files.c:525:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(Temp1_Name,"rb"); data/inform6-compiler-6.33/files.c:545:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(Temp3_Name,"rb"); data/inform6-compiler-6.33/files.c:607:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char settype_command[PATHLEN]; data/inform6-compiler-6.33/files.c:622:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { FILE *fin; char new_name[PATHLEN]; data/inform6-compiler-6.33/files.c:635:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
sf_handle = fopen(new_name,"wb+"); data/inform6-compiler-6.33/files.c:670:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char error_message_buff[256]; data/inform6-compiler-6.33/files.c:671:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_message_buff, "Version 0x%08lx requested, but \ data/inform6-compiler-6.33/files.c:755:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serialnum[8]; data/inform6-compiler-6.33/files.c:766:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(Temp2_Name,"rb"); data/inform6-compiler-6.33/files.c:1142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char settype_command[PATHLEN]; data/inform6-compiler-6.33/files.c:1176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
{ char topline_buffer[256]; data/inform6-compiler-6.33/files.c:1178:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). transcript_file_handle = fopen(Transcript_Name,"w"); data/inform6-compiler-6.33/files.c:1197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char botline_buffer[256]; data/inform6-compiler-6.33/files.c:1198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sn_buffer[7]; data/inform6-compiler-6.33/files.c:1211:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char settype_command[PATHLEN]; data/inform6-compiler-6.33/files.c:1229:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
{ Debug_fp=fopen(Debugging_Name,"wb"); data/inform6-compiler-6.33/files.c:1640:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Temp1_fp=fopen(Temp1_Name,"wb"); data/inform6-compiler-6.33/files.c:1644:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Temp2_fp=fopen(Temp2_Name,"wb"); data/inform6-compiler-6.33/files.c:1650:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Temp3_fp=fopen(Temp3_Name,"wb"); data/inform6-compiler-6.33/header.h:833:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char *keywords[120]; data/inform6-compiler-6.33/inform.c:329:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Source_Name[PATHLEN]; /* Processed name of first input file */ data/inform6-compiler-6.33/inform.c:330:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Code_Name[PATHLEN]; /* Processed name of output file */ data/inform6-compiler-6.33/inform.c:470:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char Source_Path[PATHLEN]; data/inform6-compiler-6.33/inform.c:471:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char Include_Path[PATHLEN]; data/inform6-compiler-6.33/inform.c:472:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char Code_Path[PATHLEN]; data/inform6-compiler-6.33/inform.c:473:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char Module_Path[PATHLEN]; data/inform6-compiler-6.33/inform.c:474:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char Temporary_Path[PATHLEN]; data/inform6-compiler-6.33/inform.c:475:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char current_source_path[PATHLEN]; data/inform6-compiler-6.33/inform.c:476:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Debugging_Name[PATHLEN]; data/inform6-compiler-6.33/inform.c:477:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Transcript_Name[PATHLEN]; data/inform6-compiler-6.33/inform.c:478:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Language_Name[PATHLEN]; data/inform6-compiler-6.33/inform.c:479:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Charset_Map[PATHLEN]; data/inform6-compiler-6.33/inform.c:480:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ICL_Path[PATHLEN]; data/inform6-compiler-6.33/inform.c:530:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char pathname[PATHLEN]; data/inform6-compiler-6.33/inform.c:772:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char old_name[PATHLEN]; data/inform6-compiler-6.33/inform.c:773:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_name[PATHLEN]; data/inform6-compiler-6.33/inform.c:897:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(old_name, "demos%cplugh", FN_SEP); data/inform6-compiler-6.33/inform.c:901:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(old_name, "demos%cplugh", FN_SEP); data/inform6-compiler-6.33/inform.c:914:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(new_name, "%cnew%cold%crecent%cold%cancient", data/inform6-compiler-6.33/inform.c:951:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p+strlen(p), "_proc%08lx", (long int) unique_task_id()); data/inform6-compiler-6.33/inform.c:954:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p+strlen(p), ".tmp"); data/inform6-compiler-6.33/inform.c:959:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char riscos_ft_buffer[4]; data/inform6-compiler-6.33/inform.c:970:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(riscos_ft_buffer, "%03x", 0x60 + version_number); data/inform6-compiler-6.33/inform.c:1497:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cli_buff[256], fw[256]; data/inform6-compiler-6.33/inform.c:1501:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[PATHLEN]; data/inform6-compiler-6.33/inform.c:1506:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). command_file = fopen(filename,"r"); data/inform6-compiler-6.33/inform.c:1544:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char cli_buff[256], fw[256]; data/inform6-compiler-6.33/inform.c:1562:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char story_name[PATHLEN], code_name[PATHLEN]; data/inform6-compiler-6.33/inform.c:1599:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char filename[PATHLEN], cli_buff[256]; data/inform6-compiler-6.33/inform.c:1610:42: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). command_file = fopen(filename,"r"); data/inform6-compiler-6.33/inform.c:1628:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char banner_line[80]; data/inform6-compiler-6.33/inform.c:1632:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(banner_line, "Inform %d.%d%d", data/inform6-compiler-6.33/inform.c:1651:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer1[PATHLEN], buffer2[PATHLEN], buffer3[PATHLEN]; data/inform6-compiler-6.33/lexer.c:590:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char one_letter_locals[128]; data/inform6-compiler-6.33/lexer.c:775:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char separators[NUMBER_SEPARATORS][4] = data/inform6-compiler-6.33/lexer.c:1397:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lex_p, "<end of file>"); data/inform6-compiler-6.33/lexer.c:1527:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char chb[4]; data/inform6-compiler-6.33/lexer.c:1551:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char bad_length[100]; data/inform6-compiler-6.33/lexer.c:1552:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(bad_length, data/inform6-compiler-6.33/lexer.c:1574:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { r = (char *) separators[j]; data/inform6-compiler-6.33/lexer.c:1669:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char veneer_error_title[64]; data/inform6-compiler-6.33/linker.c:202:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char link_errorm[128]; data/inform6-compiler-6.33/linker.c:254:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. printf("Creating action ##%s\n", (char *) symbs[index]); data/inform6-compiler-6.33/linker.c:313:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. IE.symbol_value, (char *) (symbs[index]), svals[index]); data/inform6-compiler-6.33/linker.c:502:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_module_filename[128]; data/inform6-compiler-6.33/linker.c:507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/inform6-compiler-6.33/linker.c:519:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(filename,"rb"); data/inform6-compiler-6.33/linker.c:535:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char ebuff[100]; data/inform6-compiler-6.33/linker.c:536:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(ebuff,
data/inform6-compiler-6.33/linker.c:628:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char link_banner[128];
data/inform6-compiler-6.33/linker.c:650:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char word[10];
data/inform6-compiler-6.33/linker.c:696:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[xref_table[i]]);
data/inform6-compiler-6.33/linker.c:1050:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  IE.symbol_name = (char *) (symbs[symbol_number]);
data/inform6-compiler-6.33/linker.c:1068:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  write_link_string((char *) (symbs[symbol_number]));
data/inform6-compiler-6.33/linker.c:1078:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  IE.symbol_name = (char *) (symbs[symbol_number]);
data/inform6-compiler-6.33/linker.c:1086:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  write_link_string((char *) (symbs[symbol_number]));
data/inform6-compiler-6.33/memory.c:40:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(c, *(int **)pointer, MIN(oldsize, size));
data/inform6-compiler-6.33/memory.c:71:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(c, *(int **)pointer, MIN(size*oldhowmany, size*howmany));
data/inform6-compiler-6.33/memory.c:161:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char chunk_name_buffer[60];
data/inform6-compiler-6.33/memory.c:879:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  j=(int32) atoi(command+i+1);
data/inform6-compiler-6.33/objects.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char shortname_buffer[766]; /* Text buffer to hold the short name
data/inform6-compiler-6.33/objects.c:1071:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char already_error[128];
data/inform6-compiler-6.33/objects.c:1124:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[token_value]);
data/inform6-compiler-6.33/objects.c:1128:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char error_b[128];
data/inform6-compiler-6.33/objects.c:1132:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[defined_this_segment[i]],
data/inform6-compiler-6.33/objects.c:1133:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[token_value]);
data/inform6-compiler-6.33/objects.c:1158:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char embedded_name[80];
data/inform6-compiler-6.33/objects.c:1162:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1167:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1221:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1265:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1340:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char already_error[128];
data/inform6-compiler-6.33/objects.c:1388:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[token_value]);
data/inform6-compiler-6.33/objects.c:1392:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char error_b[128];
data/inform6-compiler-6.33/objects.c:1396:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[defined_this_segment[i]],
data/inform6-compiler-6.33/objects.c:1397:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[token_value]);
data/inform6-compiler-6.33/objects.c:1425:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char embedded_name[80];
data/inform6-compiler-6.33/objects.c:1429:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1434:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1488:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[property_name_symbol]);
data/inform6-compiler-6.33/objects.c:1741:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char duplicate_name[128];
data/inform6-compiler-6.33/objects.c:1780:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  classname_text = (char *) symbs[token_value];
data/inform6-compiler-6.33/objects.c:1887:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(duplicate_name+i+1, "%d", n);
data/inform6-compiler-6.33/objects.c:1920:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char internal_name[64];
data/inform6-compiler-6.33/objects.c:1928:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(internal_name, "nameless_obj__%d", no_objects+1);
data/inform6-compiler-6.33/objects.c:2036:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[internal_name_symbol]);
data/inform6-compiler-6.33/objects.c:2038:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(shortname_buffer, "(%d)", no_objects+1);
data/inform6-compiler-6.33/symbols.c:183:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  r = (char *)symbs[this];
data/inform6-compiler-6.33/symbols.c:255:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  j = hash_code_from_string((char *) symbs[k]);
data/inform6-compiler-6.33/symbols.c:318:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  k, (char *) (symbs[k]),
data/inform6-compiler-6.33/symbols.c:354:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  dbnu_warning(typename(stypes[i]), (char *) symbs[i], slines[i]);
data/inform6-compiler-6.33/symbols.c:371:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { int i, j, k, t, null_value; char idname_string[256];
data/inform6-compiler-6.33/symbols.c:372:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char unknown_attribute[20] = "<unknown attribute>";
data/inform6-compiler-6.33/symbols.c:389:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:395:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  "/%s", (char *) symbs[j]);
data/inform6-compiler-6.33/symbols.c:405:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:414:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:420:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  "/%s", (char *) symbs[j]);
data/inform6-compiler-6.33/symbols.c:430:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:437:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:455:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:466:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:474:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:481:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[named_routine_symbols[i]]);
data/inform6-compiler-6.33/symbols.c:490:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { sprintf(idname_string, "%s", (char *) symbs[i]);
data/inform6-compiler-6.33/symbols.c:751:67: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  error_named("A routine cannot be 'Replace'd to itself:", (char *)symbs[original]);
data/inform6-compiler-6.33/symbols.c:772:87: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  error_named("A routine cannot be 'Replace'd to more than one new name:", (char *)symbs[original]);
data/inform6-compiler-6.33/symbols.c:775:82: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  error_named("A routine cannot be 'Replace'd to a 'Replace'd name:", (char *)symbs[original]);
data/inform6-compiler-6.33/symbols.c:1049:115: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  error_named("Internal error in stripping: global ROUTINE_T symbol is not found in df_function map:", (char *)symbs[symbol]);
data/inform6-compiler-6.33/symbols.c:1106:125: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  error_named("Internal error in stripping: function ROUTINE_T symbol is not found in df_function map:", (char *)symbs[symbol]);
data/inform6-compiler-6.33/syntax.c:205:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char *) symbs[routine_symbol], FALSE, routine_symbol),
data/inform6-compiler-6.33/tables.c:78:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char serial_code_buffer[7]; /* specified this 6-digit serial code */
data/inform6-compiler-6.33/tables.c:105:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,"970000");
data/inform6-compiler-6.33/tables.c:669:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char memory_full_error[80];
data/inform6-compiler-6.33/tables.c:706:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char code_full_error[80];
data/inform6-compiler-6.33/tables.c:707:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(code_full_error,
data/inform6-compiler-6.33/tables.c:715:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char strings_full_error[140];
data/inform6-compiler-6.33/tables.c:717:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strings_full_error,
data/inform6-compiler-6.33/tables.c:721:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strings_full_error,
data/inform6-compiler-6.33/tables.c:1155:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char abbrev_string[64];
data/inform6-compiler-6.33/tables.c:1619:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  {char serialnum[8];
data/inform6-compiler-6.33/tables.c:1844:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char abbrev_string[64];
data/inform6-compiler-6.33/text.c:141:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { int bubble_sort, j, k, l; char p[MAX_ABBREV_LENGTH]; char *p1, *p2;
data/inform6-compiler-6.33/text.c:487:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i+=2; j=atoi((char *) (text_in+i));
data/inform6-compiler-6.33/text.c:627:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i+=2; j=atoi((char *) (text_in+i));
data/inform6-compiler-6.33/text.c:862:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Temp1_fp=fopen(Temp1_Name,"rb");
data/inform6-compiler-6.33/text.c:1146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char text[4];
data/inform6-compiler-6.33/text.c:1159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[64];
data/inform6-compiler-6.33/text.c:1667:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  k= ((unsigned char *)dword)[j];
data/inform6-compiler-6.33/text.c:2081:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char textual_form[32];
data/inform6-compiler-6.33/text.c:2135:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { int j, c; char chartext[8];
data/inform6-compiler-6.33/text.c:2166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char d_buffer[81];
data/inform6-compiler-6.33/text.c:2168:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(d_buffer, "\n[Dictionary contains %d entries:]\n", dict_entries);
data/inform6-compiler-6.33/verbs.c:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char action_sub[MAX_IDENTIFIER_LENGTH+4];
data/inform6-compiler-6.33/verbs.c:169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char action_sub[MAX_IDENTIFIER_LENGTH+4];
data/inform6-compiler-6.33/verbs.c:211:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char action_name[MAX_IDENTIFIER_LENGTH];
data/inform6-compiler-6.33/verbs.c:212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char action_sub[MAX_IDENTIFIER_LENGTH+4];
data/inform6-compiler-6.33/verbs.c:218:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { strcpy(action_name, (char *) symbs[action_symbol[i]]);
data/inform6-compiler-6.33/verbs.c:221:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(action_sub, "Sub");
data/inform6-compiler-6.33/verbs.c:705:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *English_verbs_given[32]; int no_given = 0, i;
data/inform6-compiler-6.33/asm.c:663:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  { case TEXT: sprintf(q+strlen(q), " <text>"); return;
data/inform6-compiler-6.33/asm.c:664:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  case LABEL: sprintf(q+strlen(q), " <label>"); return;
data/inform6-compiler-6.33/asm.c:666:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(q+strlen(q), " <variable>"); data/inform6-compiler-6.33/asm.c:668:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (opco.op_rules==CALL) sprintf(q+strlen(q), " <routine>"); data/inform6-compiler-6.33/asm.c:678:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(q+strlen(q), "%s", p); data/inform6-compiler-6.33/asm.c:679:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((opco.flags & St) != 0) sprintf(q+strlen(q), " -> <result-variable>"); data/inform6-compiler-6.33/asm.c:680:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((opco.flags & Br) != 0) sprintf(q+strlen(q), " ?[~]<label>"); data/inform6-compiler-6.33/asm.c:703:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(q+strlen(q), " <%d operand%s", opco.no, data/inform6-compiler-6.33/asm.c:706:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx = q+strlen(q); data/inform6-compiler-6.33/asm.c:708:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx += strlen(cx); data/inform6-compiler-6.33/asm.c:719:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cx, "S"); data/inform6-compiler-6.33/asm.c:722:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cx, "L"); data/inform6-compiler-6.33/asm.c:726:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cx, "S"); data/inform6-compiler-6.33/asm.c:729:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cx, "S"); data/inform6-compiler-6.33/asm.c:732:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cx, "L"); data/inform6-compiler-6.33/asm.c:734:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx += strlen(cx); data/inform6-compiler-6.33/asm.c:736:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx += strlen(cx); data/inform6-compiler-6.33/asm.c:739:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source is a constant character. sprintf(q+strlen(q), ">"); data/inform6-compiler-6.33/asm.c:739:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(q+strlen(q), ">"); data/inform6-compiler-6.33/asm.c:1435:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_length = strlen(name) + 1; data/inform6-compiler-6.33/asm.c:1438:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(routine_name, name, name_length); data/inform6-compiler-6.33/directs.c:82:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(token_text)<2) data/inform6-compiler-6.33/directs.c:364:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (strlen(token_text)==7)) data/inform6-compiler-6.33/directs.c:731:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((token_type != DQ_TT) || (strlen(token_text)!=6)) data/inform6-compiler-6.33/errors.c:70:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(error_message_buff) == ERROR_BUFLEN-1) data/inform6-compiler-6.33/errors.c:256:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
{ int curlen = strlen(error_message_buff); data/inform6-compiler-6.33/errors.c:277:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { int curlen = strlen(error_message_buff); data/inform6-compiler-6.33/expressp.c:338:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(token_text) > 4) data/inform6-compiler-6.33/files.c:112:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (filename_storage_left <= (int)strlen(name)) data/inform6-compiler-6.33/files.c:115:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename_storage_left -= strlen(name)+1; data/inform6-compiler-6.33/files.c:119:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename_storage_p += strlen(name)+1; data/inform6-compiler-6.33/files.c:434:47: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:442:53: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sf_put((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:452:48: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
{ int32 v = (temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:454:51: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = 256*v + ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:464:48: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { int32 v = (temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:490:43: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:498:49: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sf_put((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:528:56: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (i=0; i<static_strings_extent; i++) sf_put(fgetc(fin)); data/inform6-compiler-6.33/files.c:548:53: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (j=0; j<link_data_size; j++) sf_put(fgetc(fin)); data/inform6-compiler-6.33/files.c:818:47: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:826:53: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sf_put((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:840:41: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:842:52: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
v = (v << 8) | ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:844:52: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = (v << 8) | ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:846:52: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = (v << 8) | ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:860:41: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:862:52: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = (v << 8) | ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:878:41: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:914:43: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:922:49: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sf_put((temporary_files_switch)?fgetc(fin): data/inform6-compiler-6.33/files.c:999:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(Temp1_fp); data/inform6-compiler-6.33/files.c:1127:36: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { first_byte_of_triple = fgetc(sf_handle); data/inform6-compiler-6.33/files.c:1128:37: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
second_byte_of_triple = fgetc(sf_handle); data/inform6-compiler-6.33/files.c:1129:36: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). third_byte_of_triple = fgetc(sf_handle); data/inform6-compiler-6.33/files.c:1135:41: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). debug_file_print_base_64_single(fgetc(sf_handle)); data/inform6-compiler-6.33/inform.c:569:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(old_name)+strlen(extension) >= PATHLEN) { data/inform6-compiler-6.33/inform.c:569:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(old_name)+strlen(extension) >= PATHLEN) { data/inform6-compiler-6.33/inform.c:580:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (x+strlen(old_name)+strlen(extension) >= PATHLEN) { data/inform6-compiler-6.33/inform.c:580:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (x+strlen(old_name)+strlen(extension) >= PATHLEN) { data/inform6-compiler-6.33/inform.c:593:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(name)-1; data/inform6-compiler-6.33/inform.c:666:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i=strlen(current_source_path)-1; data/inform6-compiler-6.33/inform.c:727:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { for (i=strlen(old_name)-1; (i>0)&&(old_name[i]!=FN_SEP) ;i--) { }; data/inform6-compiler-6.33/inform.c:732:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=strlen(old_name)-1; (i>=0)&&(old_name[i]!='.') ;i--) ; data/inform6-compiler-6.33/inform.c:945:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(Temporary_Path)+strlen(Temporary_File)+6 >= PATHLEN) { data/inform6-compiler-6.33/inform.c:945:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(Temporary_Path)+strlen(Temporary_File)+6 >= PATHLEN) { data/inform6-compiler-6.33/inform.c:951:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(p+strlen(p), "_proc%08lx", (long int) unique_task_id()); data/inform6-compiler-6.33/inform.c:954:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(p+strlen(p), ".tmp"); data/inform6-compiler-6.33/inform.c:1445:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| ((p[0]=='(')&&(p[strlen(p)-1]==')')) ) return TRUE; data/inform6-compiler-6.33/inform.c:1606:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). case '(': strcpy(cli_buff,p+1); cli_buff[strlen(cli_buff)-1]=0; data/inform6-compiler-6.33/inform.c:1638:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(banner_line+strlen(banner_line), " for %s", MACHINE_STRING); data/inform6-compiler-6.33/inform.c:1640:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(banner_line+strlen(banner_line), " (%s)", RELEASE_DATE); data/inform6-compiler-6.33/lexer.c:655:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p)+1; data/inform6-compiler-6.33/lexer.c:1398:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lex_p += strlen(lex_p) + 1; data/inform6-compiler-6.33/linker.c:191:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m_read_pos += strlen((char *) (p+m_read_pos))+1; data/inform6-compiler-6.33/linker.c:526:30: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (i=0;i<64;i++) p0[i]=fgetc(fin); data/inform6-compiler-6.33/linker.c:548:41: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
for (k=64;k<module_size;k++) p[k] = fgetc(fin); data/inform6-compiler-6.33/objects.c:228:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strcmp(name+strlen(name)-3, "_to") == 0) sflags[i] |= STAR_SFLAG; data/inform6-compiler-6.33/objects.c:1152:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ((token_type != SQ_TT) || (strlen(token_text) <2 )) data/inform6-compiler-6.33/objects.c:1885:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { int i = strlen(duplicate_name); data/inform6-compiler-6.33/objects.c:1955:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(shortname_buffer, "?"); data/inform6-compiler-6.33/objects.c:2041:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { if (strlen(textual_name)>765) data/inform6-compiler-6.33/objects.c:2043:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(shortname_buffer, textual_name, 765); data/inform6-compiler-6.33/states.c:295:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(token_text) > 32) data/inform6-compiler-6.33/symbols.c:209:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (symbols_free_space+strlen(p)+1 >= symbols_ceiling) data/inform6-compiler-6.33/symbols.c:221:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (symbols_free_space+strlen(p)+1 >= symbols_ceiling) data/inform6-compiler-6.33/symbols.c:227:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). symbols_free_space += strlen((char *)symbols_free_space) + 1; data/inform6-compiler-6.33/symbols.c:394:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { sprintf(idname_string+strlen(idname_string), data/inform6-compiler-6.33/symbols.c:419:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { sprintf(idname_string+strlen(idname_string), data/inform6-compiler-6.33/symbols.c:438:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). idname_string[strlen(idname_string)-3] = 0; data/inform6-compiler-6.33/symbols.c:456:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). idname_string[strlen(idname_string)-3] = 0; data/inform6-compiler-6.33/text.c:407:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
{ no_chars_transcribed += strlen(s_text)+2; data/inform6-compiler-6.33/text.c:411:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). all_text_top += strlen(all_text_top); data/inform6-compiler-6.33/text.c:616:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += (strlen(cx)-1); data/inform6-compiler-6.33/text.c:875:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(Temp1_fp); data/inform6-compiler-6.33/text.c:1018:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(Temp1_fp); data/inform6-compiler-6.33/text.c:1126:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). compression_table_size += (1 + 1 + strlen(cx)); data/inform6-compiler-6.33/text.c:1256:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a=strlen(s1); b=strlen(s2); data/inform6-compiler-6.33/text.c:1256:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a=strlen(s1); b=strlen(s2); data/inform6-compiler-6.33/text.c:2032:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
{ int i = strlen(d_show_to); data/inform6-compiler-6.33/text.c:2066:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cc = strlen(results); data/inform6-compiler-6.33/text.c:2071:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cc = strlen(results); data/inform6-compiler-6.33/verbs.c:219:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). action_name[strlen(action_name) - 3] = '\0'; /* remove "__A" */ data/inform6-compiler-6.33/verbs.c:333:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). English_verb_list_size += strlen(English_verb)+4; data/inform6-compiler-6.33/verbs.c:337:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). English_verb_list_top[0] = 4+strlen(English_verb);

ANALYSIS SUMMARY:

Hits = 419
Lines analyzed = 37174 in approximately 1.05 seconds (35393 lines/second)
Physical Source Lines of Code (SLOC) = 27242
Hits@level = [0] 672 [1] 105 [2] 220 [3] 2 [4] 89 [5] 3
Hits@level+ = [0+] 1091 [1+] 419 [2+] 314 [3+] 94 [4+] 92 [5+] 3
Hits/KSLOC@level+ = [0+] 40.0485 [1+] 15.3807 [2+] 11.5263 [3+] 3.45055 [4+] 3.37714 [5+] 0.110124
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.