Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/isoqlog-2.2.1/isoqlog/Global.h
Examining data/isoqlog-2.2.1/isoqlog/Data.c
Examining data/isoqlog-2.2.1/isoqlog/Data.h
Examining data/isoqlog-2.2.1/isoqlog/Dir.c
Examining data/isoqlog-2.2.1/isoqlog/Dir.h
Examining data/isoqlog-2.2.1/isoqlog/LangCfg.c
Examining data/isoqlog-2.2.1/isoqlog/Html.c
Examining data/isoqlog-2.2.1/isoqlog/Html.h
Examining data/isoqlog-2.2.1/isoqlog/LangCfg.h
Examining data/isoqlog-2.2.1/isoqlog/Parser.c
Examining data/isoqlog-2.2.1/isoqlog/Parser.h
Examining data/isoqlog-2.2.1/isoqlog/Store.c
Examining data/isoqlog-2.2.1/isoqlog/Store.h
Examining data/isoqlog-2.2.1/isoqlog/loadconfig.c
Examining data/isoqlog-2.2.1/isoqlog/loadconfig.h
Examining data/isoqlog-2.2.1/isoqlog/main.c
FINAL RESULTS:
data/isoqlog-2.2.1/isoqlog/Html.c:184:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 512, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:389:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 1024, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:549:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 1024, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:710:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 1024, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:868:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 512, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:1170:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newstr, "%s", "general");
data/isoqlog-2.2.1/isoqlog/Html.c:1186:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 1024, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:1325:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newstr, "%s", "general");
data/isoqlog-2.2.1/isoqlog/Html.c:1341:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 1024, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:1483:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newstr, "%s", "general");
data/isoqlog-2.2.1/isoqlog/Html.c:1499:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 1024, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/Html.c:1601:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, bytestrs[3]);
data/isoqlog-2.2.1/isoqlog/Html.c:1605:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, bytestrs[2]);
data/isoqlog-2.2.1/isoqlog/Html.c:1609:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, bytestrs[1]);
data/isoqlog-2.2.1/isoqlog/Html.c:1613:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, bytestrs[0]);
data/isoqlog-2.2.1/isoqlog/Html.c:1653:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newstr, "<!-- %s -->\n", "isoqlog Team and codepoets.org");
data/isoqlog-2.2.1/isoqlog/Html.c:1744:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(newstr, 512, tfmt[(cur_min > 9 ? 1 : 0)],
data/isoqlog-2.2.1/isoqlog/loadconfig.c:221:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s", outputdir, buf);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:223:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s/%d", outputdir, buf, cur_year);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:225:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s/%d/%d", outputdir, buf, cur_year, cur_month);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:234:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s", outputdir, "general");
data/isoqlog-2.2.1/isoqlog/loadconfig.c:236:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s/%d", outputdir, "general" , cur_year);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:239:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s/%d/%d", outputdir, "general", cur_year, cur_month);
data/isoqlog-2.2.1/isoqlog/main.c:27:24: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (!error && (c = getopt(argc,argv,"f:hv")) != -1) {
data/isoqlog-2.2.1/isoqlog/Data.h:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[DOMAINSIZ];
data/isoqlog-2.2.1/isoqlog/Data.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[USERSIZ];
data/isoqlog-2.2.1/isoqlog/Dir.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char logstore[128];
data/isoqlog-2.2.1/isoqlog/Dir.c:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[128];
data/isoqlog-2.2.1/isoqlog/Dir.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/isoqlog-2.2.1/isoqlog/Dir.c:126:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fn, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char outputdir [VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char htmldir [VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char language [VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *months[12];
data/isoqlog-2.2.1/isoqlog/Html.c:26:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Average[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Creationtime[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Daily[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Day[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Domain[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:31:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Encoding[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:32:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Mail[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Main_Page[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:34:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Month[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:35:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Monthly[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:36:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Number[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Receiver[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Received[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Sender[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Sent[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:41:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Size[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Stats[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Top[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Total[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Yearly[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Year[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:47:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char L_Encoding[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Html.c:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:150:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(f, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:157:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmpstr, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:353:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:359:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmp, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:498:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:513:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:519:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmp, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:674:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:680:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmp, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:822:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:834:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(f, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:841:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmpstr, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:1150:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1156:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmp, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:1305:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1311:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmp, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:1460:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1466:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmp, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1623:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tfmt[2] = { "%s: %s %d, %d / %d:0%d",
data/isoqlog-2.2.1/isoqlog/Html.c:1634:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(f, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1640:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tp = fopen(tmpstr, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Html.c:1663:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1667:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1670:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " <tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1672:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " <td width=\"11%%\"> </td>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1677:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " </tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1679:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " <tr> \n");
data/isoqlog-2.2.1/isoqlog/Html.c:1681:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1684:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1687:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " </tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1689:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, "</table>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1692:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,"<table width=\"100%%\" border=\"0\" cellspacing=\"0\" cellpadding=\"1\">\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1695:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " <tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1697:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1700:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1708:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " </tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1712:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " <tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1714:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1717:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1720:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/Html.c:1723:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " </tr>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1726:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr, " </table>\n");
data/isoqlog-2.2.1/isoqlog/Html.c:1735:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newstr,
data/isoqlog-2.2.1/isoqlog/LangCfg.c:18:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.c:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[KEYSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.c:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.c:50:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(langfile, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/LangCfg.c:164:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(L_Encoding, "iso-8859-1");
data/isoqlog-2.2.1/isoqlog/LangCfg.h:8:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Average[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:9:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Creationtime[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:10:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Daily[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Day[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:12:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Domain[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Encoding[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:14:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Mail[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:15:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Main_Page[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:16:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Month[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:17:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Monthly[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:18:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Number[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:19:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Receiver[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:20:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Received[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:21:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Sender[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:22:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Sent[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:23:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Size[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:24:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Stats[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:25:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Top[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:26:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Total[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:27:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Yearly[VALSIZE];
data/isoqlog-2.2.1/isoqlog/LangCfg.h:28:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L_Year[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Parser.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char hostname[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Parser.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char outputdir[VALSIZE];
data/isoqlog-2.2.1/isoqlog/Parser.c:17:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *months[13] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec", NULL};
data/isoqlog-2.2.1/isoqlog/Parser.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/isoqlog-2.2.1/isoqlog/Parser.c:38:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fn, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Parser.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/isoqlog-2.2.1/isoqlog/Parser.c:59:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fn, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Parser.c:83:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char m[4];
data/isoqlog-2.2.1/isoqlog/Parser.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbytes[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[300];
data/isoqlog-2.2.1/isoqlog/Parser.c:158:38: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
checkUser(domain, email, FROM_MAIL, atol(tmpbytes));
data/isoqlog-2.2.1/isoqlog/Parser.c:160:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
general.from_byte += atol(tmpbytes);
data/isoqlog-2.2.1/isoqlog/Parser.c:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[300];
data/isoqlog-2.2.1/isoqlog/Parser.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[512];
data/isoqlog-2.2.1/isoqlog/Parser.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[1024];
data/isoqlog-2.2.1/isoqlog/Parser.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vdomain[150];
data/isoqlog-2.2.1/isoqlog/Parser.c:259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[300];
data/isoqlog-2.2.1/isoqlog/Parser.c:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbytes[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:319:38: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
checkUser(domain, email, FROM_MAIL, atol(tmpbytes));
data/isoqlog-2.2.1/isoqlog/Parser.c:321:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
general.from_byte += atol(tmpbytes);
data/isoqlog-2.2.1/isoqlog/Parser.c:329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:330:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[300];
data/isoqlog-2.2.1/isoqlog/Parser.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbytes[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:402:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[300];
data/isoqlog-2.2.1/isoqlog/Parser.c:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbytes[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:459:38: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
checkUser(domain, email, FROM_MAIL, atol(tmpbytes));
data/isoqlog-2.2.1/isoqlog/Parser.c:461:31: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
general.from_byte += atol(tmpbytes);
data/isoqlog-2.2.1/isoqlog/Parser.c:469:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char email[300];
data/isoqlog-2.2.1/isoqlog/Parser.c:475:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbytes[128];
data/isoqlog-2.2.1/isoqlog/Parser.c:525:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/isoqlog-2.2.1/isoqlog/Parser.c:527:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fn, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Store.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char logtype[128];
data/isoqlog-2.2.1/isoqlog/Store.c:24:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(f, "w")) == NULL) {
data/isoqlog-2.2.1/isoqlog/Store.c:39:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(f, "r")) == NULL)
data/isoqlog-2.2.1/isoqlog/loadconfig.c:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.c:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[KEYSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.c:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.c:43:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(cfgfile, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/loadconfig.c:110:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxsender = atoi(value);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:113:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxreceiver = atoi(value);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:116:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxtotal = atoi(value);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:119:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxbyte = atoi(value);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/isoqlog-2.2.1/isoqlog/loadconfig.c:208:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(domainsfile, "r")) == NULL) {
data/isoqlog-2.2.1/isoqlog/loadconfig.h:8:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputdir[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.h:9:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtype[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.h:10:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logstore[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.h:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domainsfile[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.h:12:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char htmldir[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.h:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langfile[VALSIZE];
data/isoqlog-2.2.1/isoqlog/loadconfig.h:14:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[VALSIZE];
data/isoqlog-2.2.1/isoqlog/main.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char langfile[VALSIZE];
data/isoqlog-2.2.1/isoqlog/main.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char logtype[VALSIZE];
data/isoqlog-2.2.1/isoqlog/main.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char logstore[VALSIZE];
data/isoqlog-2.2.1/isoqlog/main.c:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char isoqlogconf[256];
data/isoqlog-2.2.1/isoqlog/Data.c:47:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(DomainsTab.alldomains[DomainsTab.nval].domain, d, DOMAINSIZ);
data/isoqlog-2.2.1/isoqlog/Data.c:79:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p->user, m, USERSIZ);
data/isoqlog-2.2.1/isoqlog/Data.c:146:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sym->user, m, USERSIZ);
data/isoqlog-2.2.1/isoqlog/Dir.c:46:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname, dirp->d_name, 128);
data/isoqlog-2.2.1/isoqlog/Dir.c:51:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname, dirp->d_name, 128);
data/isoqlog-2.2.1/isoqlog/Dir.c:73:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((current = (char *)malloc((strlen(logstore) + 10) * sizeof(char))) == NULL)
data/isoqlog-2.2.1/isoqlog/Dir.c:133:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseQmailFromBytesLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Dir.c:135:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseQmailToRemoteLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Dir.c:137:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseQmailToLocalLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Html.c:167:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:167:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:169:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:170:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:175:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:175:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:177:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:178:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:183:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:183:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:191:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:192:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:312:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:372:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:372:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:374:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:375:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:380:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:380:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:382:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:383:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:388:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:388:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:396:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:397:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:472:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:532:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:532:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:534:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:535:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:540:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:540:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:542:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:543:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:548:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:548:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:556:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:557:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:634:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:693:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:693:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:695:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:696:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:701:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:701:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:703:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:704:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:709:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:709:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:717:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:718:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:798:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:851:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:851:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:853:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:854:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:859:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:859:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:861:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:862:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:867:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:867:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:875:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:876:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1108:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1169:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1169:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1171:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1172:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1177:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1177:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1179:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1180:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1185:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1185:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1193:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1194:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1265:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1324:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1324:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1326:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1327:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1332:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1332:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1334:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1335:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1340:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1340:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1348:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1349:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1421:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1482:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1482:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1484:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1485:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1490:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1490:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1492:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1493:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1498:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1498:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1506:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1507:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1578:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1651:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1651:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1654:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1656:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1662:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1662:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1665:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1669:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1671:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1673:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1676:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1678:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1680:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1683:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1686:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1688:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1690:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1693:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1696:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1699:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1702:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1707:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1709:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1713:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1716:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1719:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1722:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1724:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1727:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1729:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1733:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)),
data/isoqlog-2.2.1/isoqlog/Html.c:1733:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)),
data/isoqlog-2.2.1/isoqlog/Html.c:1737:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1738:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1743:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1743:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), (strlen(tmpstr) - strlen(substr)), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1751:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(newstr, sizeof(char), strlen(newstr), fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1752:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(substr + 9, sizeof(char), strlen(substr) - 9, fp);
data/isoqlog-2.2.1/isoqlog/Html.c:1759:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(tmpstr, sizeof(char), strlen(tmpstr), fp);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:59:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((lenbuf = strlen(buf)) <= 1)
data/isoqlog-2.2.1/isoqlog/LangCfg.c:97:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Average, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:100:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Creationtime, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:103:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Daily, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:106:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Day, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:109:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Domain, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:112:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Encoding, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:115:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Mail, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:118:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Main_Page, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:121:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Month, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:124:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Monthly, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:127:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Number, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:130:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Received, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:133:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Receiver, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:136:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Sender, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:139:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Sent, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:142:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Size, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:145:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Stats, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:148:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Top, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:151:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Total, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:154:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Year, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:157:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(L_Yearly, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/LangCfg.c:163:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(L_Encoding) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:45:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseQmailFromBytesLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Parser.c:47:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseQmailToRemoteLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Parser.c:49:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseQmailToLocalLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Parser.c:69:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((check_syslog_date(buf, strlen(buf))) > 0) {
data/isoqlog-2.2.1/isoqlog/Parser.c:71:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseSendmailFromBytesLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Parser.c:73:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseSendmailToLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Parser.c:131:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:137:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tmpbytes) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:148:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:155:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:184:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:191:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:198:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:226:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:233:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:240:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:244:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(email, 1023, "%.512s@%.128s", (user + strlen(vdomain)), domain);
data/isoqlog-2.2.1/isoqlog/Parser.c:281:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:294:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:302:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:305:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(domain, hostname, 127);
data/isoqlog-2.2.1/isoqlog/Parser.c:358:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:371:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:379:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:382:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(domain, hostname, 128);
data/isoqlog-2.2.1/isoqlog/Parser.c:421:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:434:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:442:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:445:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(domain, hostname, 128);
data/isoqlog-2.2.1/isoqlog/Parser.c:490:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(p, strlen(p));
data/isoqlog-2.2.1/isoqlog/Parser.c:503:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(user) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:511:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(domain) == 0)
data/isoqlog-2.2.1/isoqlog/Parser.c:514:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(domain, hostname, 128);
data/isoqlog-2.2.1/isoqlog/Parser.c:537:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((check_syslog_date_exim(buf, strlen(buf))) > 0) {
data/isoqlog-2.2.1/isoqlog/Parser.c:539:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseEximFromBytesLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/Parser.c:541:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parseEximToLine(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/loadconfig.c:52:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((lenbuf = strlen(buf)) <= 1)
data/isoqlog-2.2.1/isoqlog/loadconfig.c:89:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(outputdir, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:92:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(logtype, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:95:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(logstore, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:98:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(domainsfile, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:101:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(langfile, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:104:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(htmldir, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:107:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(hostname, value, VALSIZE);
data/isoqlog-2.2.1/isoqlog/loadconfig.c:160:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(hostname)) == 0 )
data/isoqlog-2.2.1/isoqlog/loadconfig.c:199:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(outputdir)) == 0 ) {
data/isoqlog-2.2.1/isoqlog/loadconfig.c:203:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(domainsfile)) == 0 ) {
data/isoqlog-2.2.1/isoqlog/loadconfig.c:214:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
removespaces(buf, strlen(buf));
data/isoqlog-2.2.1/isoqlog/loadconfig.c:215:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) == 0)
data/isoqlog-2.2.1/isoqlog/loadconfig.c:218:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lowercase(buf, strlen(buf)); /* lowercase domains */
data/isoqlog-2.2.1/isoqlog/loadconfig.c:220:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir = malloc((strlen(outputdir) + strlen(buf) + 100) * sizeof(char));
data/isoqlog-2.2.1/isoqlog/loadconfig.c:220:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir = malloc((strlen(outputdir) + strlen(buf) + 100) * sizeof(char));
data/isoqlog-2.2.1/isoqlog/main.c:38:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(isoqlogconf, optarg, 256);
ANALYSIS SUMMARY:
Hits = 426
Lines analyzed = 4020 in approximately 0.25 seconds (15787 lines/second)
Physical Source Lines of Code (SLOC) = 3488
Hits@level = [0] 233 [1] 228 [2] 174 [3] 1 [4] 23 [5] 0
Hits@level+ = [0+] 659 [1+] 426 [2+] 198 [3+] 24 [4+] 23 [5+] 0
Hits/KSLOC@level+ = [0+] 188.933 [1+] 122.133 [2+] 56.7661 [3+] 6.88073 [4+] 6.59404 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.