Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kic-2.4a/src/help/help.c
Examining data/kic-2.4a/src/help/provide.c
Examining data/kic-2.4a/src/help/readhelp.c
Examining data/kic-2.4a/src/help/textdisp.c
Examining data/kic-2.4a/src/cd/xforms.c
Examining data/kic-2.4a/src/cd/actions.c
Examining data/kic-2.4a/src/cd/cd.c
Examining data/kic-2.4a/src/cd/gencif.c
Examining data/kic-2.4a/src/cd/misc.c
Examining data/kic-2.4a/src/cd/nmalloc.c
Examining data/kic-2.4a/src/cd/parser.c
Examining data/kic-2.4a/src/cd/paths.c
Examining data/kic-2.4a/src/convert/convert.c
Examining data/kic-2.4a/src/convert/convert1.c
Examining data/kic-2.4a/src/ginterf/fb.c
Examining data/kic-2.4a/src/ginterf/ginterf.c
Examining data/kic-2.4a/src/ginterf/wfb.c
Examining data/kic-2.4a/src/bin/strtokic.c
Examining data/kic-2.4a/src/bin/ciftokic.c
Examining data/kic-2.4a/src/bin/global.c
Examining data/kic-2.4a/src/bin/helpmain.c
Examining data/kic-2.4a/src/bin/kicmain.c
Examining data/kic-2.4a/src/bin/kictocif.c
Examining data/kic-2.4a/src/bin/kictostr.c
Examining data/kic-2.4a/src/bin/scale.c
Examining data/kic-2.4a/src/bin/strmtext.c
Examining data/kic-2.4a/src/include/stream.h
Examining data/kic-2.4a/src/include/cdext.h
Examining data/kic-2.4a/src/include/coords.h
Examining data/kic-2.4a/src/include/driver.h
Examining data/kic-2.4a/src/include/fb.h
Examining data/kic-2.4a/src/include/hlpdefs.h
Examining data/kic-2.4a/src/include/kic.h
Examining data/kic-2.4a/src/include/kicext.h
Examining data/kic-2.4a/src/include/macros.h
Examining data/kic-2.4a/src/include/mfb.h
Examining data/kic-2.4a/src/include/mfbext.h
Examining data/kic-2.4a/src/include/nmalloc.h
Examining data/kic-2.4a/src/include/parser.h
Examining data/kic-2.4a/src/include/prefix.h
Examining data/kic-2.4a/src/include/cd.h
Examining data/kic-2.4a/src/kic/zoom.c
Examining data/kic-2.4a/src/kic/attri.c
Examining data/kic-2.4a/src/kic/basic.c
Examining data/kic-2.4a/src/kic/boxes.c
Examining data/kic-2.4a/src/kic/break.c
Examining data/kic-2.4a/src/kic/change.c
Examining data/kic-2.4a/src/kic/contexts.c
Examining data/kic-2.4a/src/kic/copy.c
Examining data/kic-2.4a/src/kic/debug.c
Examining data/kic-2.4a/src/kic/delete.c
Examining data/kic-2.4a/src/kic/dir.c
Examining data/kic-2.4a/src/kic/erase.c
Examining data/kic-2.4a/src/kic/flatten.c
Examining data/kic-2.4a/src/kic/grid.c
Examining data/kic-2.4a/src/kic/hcopy.c
Examining data/kic-2.4a/src/kic/init.c
Examining data/kic-2.4a/src/kic/instance.c
Examining data/kic-2.4a/src/kic/labels.c
Examining data/kic-2.4a/src/kic/lineclip.c
Examining data/kic-2.4a/src/kic/lines.c
Examining data/kic-2.4a/src/kic/logo.c
Examining data/kic-2.4a/src/kic/measure.c
Examining data/kic-2.4a/src/kic/modify.c
Examining data/kic-2.4a/src/kic/more.c
Examining data/kic-2.4a/src/kic/point.c
Examining data/kic-2.4a/src/kic/prpty.c
Examining data/kic-2.4a/src/kic/polyclip.c
Examining data/kic-2.4a/src/kic/polygns.c
Examining data/kic-2.4a/src/kic/redispla.c
Examining data/kic-2.4a/src/kic/select.c
Examining data/kic-2.4a/src/kic/sline.c
Examining data/kic-2.4a/src/kic/techfile.c
Examining data/kic-2.4a/src/kic/viewport.c
Examining data/kic-2.4a/src/kic/wires.c
Examining data/kic-2.4a/src/kic/xorbox.c
Examining data/kic-2.4a/src/kic/45s.c
Examining data/kic-2.4a/src/xmfb/xfb.c
Examining data/kic-2.4a/src/xmfb/8x14font.c
Examining data/kic-2.4a/src/xmfb/8x16font.c
Examining data/kic-2.4a/src/xmfb/8x8font.c
Examining data/kic-2.4a/src/xmfb/mfb.c
Examining data/kic-2.4a/src/xmfb/mfbcsdl.c
Examining data/kic-2.4a/src/xmfb/mfbtext.c
Examining data/kic-2.4a/src/xmfb/text1.c
Examining data/kic-2.4a/src/xmfb/6x8font.c
FINAL RESULTS:
data/kic-2.4a/src/help/readhelp.c:215:19: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
nt = top->readlink;
data/kic-2.4a/src/include/hlpdefs.h:86:19: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
struct topic *readlink;
data/kic-2.4a/src/bin/ciftokic.c:84:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CIFFile,argv[1]);
data/kic-2.4a/src/bin/ciftokic.c:90:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(Tmp,"%s",CIFFile) != 1)
data/kic-2.4a/src/bin/global.c:165:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/kic-2.4a/src/bin/global.c:235:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\%s",
data/kic-2.4a/src/bin/global.c:330:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(s,startupdir);
data/kic-2.4a/src/bin/global.c:360:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/kic-2.4a/src/bin/global.c:373:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s.%s",TECHNAME,TECH_EXT);
data/kic-2.4a/src/bin/global.c:375:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,TECHNAME);
data/kic-2.4a/src/bin/global.c:383:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s.%s",TECHNAMETOO,TECH_EXT);
data/kic-2.4a/src/bin/global.c:385:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,TECHNAMETOO);
data/kic-2.4a/src/bin/global.c:393:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s%c%s.%s",DEFAULTLTAB,DIRC,TECHNAME,TECH_EXT);
data/kic-2.4a/src/bin/global.c:395:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s%c%s",DEFAULTLTAB,DIRC,TECHNAME);
data/kic-2.4a/src/bin/global.c:403:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s%c%s.%s",DEFAULTLTAB,DIRC,TECHNAMETOO,TECH_EXT);
data/kic-2.4a/src/bin/global.c:405:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s%c%s",DEFAULTLTAB,DIRC,TECHNAMETOO);
data/kic-2.4a/src/bin/helpmain.c:225:24: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(cp_out,xx);
data/kic-2.4a/src/bin/helpmain.c:245:28: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(cp_out,menu);
data/kic-2.4a/src/bin/helpmain.c:384:12: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(cp_out,s);
data/kic-2.4a/src/bin/kicmain.c:498:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TECH_EXT,Tech);
data/kic-2.4a/src/bin/kicmain.c:525:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (NumCells) strcpy(Parameters.kpCellName,CellNames[CurrentCell]);
data/kic-2.4a/src/bin/kicmain.c:707:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String,"%s.%s",TECHNAME,TECH_EXT);
data/kic-2.4a/src/bin/kicmain.c:709:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(String,TECHNAME);
data/kic-2.4a/src/bin/kicmain.c:712:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't write %s file.",String);
data/kic-2.4a/src/bin/kicmain.c:967:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Current attributes updated in %s file",String);
data/kic-2.4a/src/bin/kicmain.c:987:13: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(patterns,"%s",patbuf) <= 0) {
data/kic-2.4a/src/bin/kicmain.c:1110:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t,s);
data/kic-2.4a/src/bin/kicmain.c:1141:10: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
cp = mktemp(tn);
data/kic-2.4a/src/bin/kicmain.c:1150:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,cp);
data/kic-2.4a/src/bin/kicmain.c:1266:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"%s",Parameters.kpCommand);
data/kic-2.4a/src/bin/kicmain.c:1291:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(TypeOut,string);
data/kic-2.4a/src/bin/kicmain.c:1343:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,c);
data/kic-2.4a/src/bin/kictocif.c:82:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CIFFile, nextarg());
data/kic-2.4a/src/bin/kictocif.c:113:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TECH_EXT,Tech);
data/kic-2.4a/src/bin/kictocif.c:123:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Root,argv[1]);
data/kic-2.4a/src/bin/kictocif.c:129:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(Tmp,"%s",Root) != 1)
data/kic-2.4a/src/bin/kictocif.c:137:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Path,Root);
data/kic-2.4a/src/bin/kictocif.c:164:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Tmp,Path);
data/kic-2.4a/src/bin/kictostr.c:205:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMLibrary.lib_name,nextarg());
data/kic-2.4a/src/bin/kictostr.c:216:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(StreamFileName, nextarg());
data/kic-2.4a/src/bin/kictostr.c:236:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LayerFile, nextarg());
data/kic-2.4a/src/bin/kictostr.c:258:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TECH_EXT,Tech);
data/kic-2.4a/src/bin/kictostr.c:269:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Root,argv[1]);
data/kic-2.4a/src/bin/kictostr.c:275:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(Tmp,"%s",Root) != 1)
data/kic-2.4a/src/bin/kictostr.c:284:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Path,Root);
data/kic-2.4a/src/bin/kictostr.c:301:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LayerFile,TECHFILE);
data/kic-2.4a/src/bin/kictostr.c:323:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(StreamFileName, GDS_SUFFIX);
data/kic-2.4a/src/bin/kictostr.c:335:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Tmp,Path);
data/kic-2.4a/src/bin/kictostr.c:373:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PrptyDesc->prpty_String,"%s",STRMLibrary.lib_name);
data/kic-2.4a/src/bin/kictostr.c:376:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PrptyDesc->prpty_String,"%s %s",STRMLibrary.lib_lib1,
data/kic-2.4a/src/bin/kictostr.c:380:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PrptyDesc->prpty_String,"%s %s %s %s",
data/kic-2.4a/src/bin/kictostr.c:388:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PrptyDesc->prpty_String,"%s",STRMLibrary.lib_attr);
data/kic-2.4a/src/bin/kictostr.c:465:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,emesg,LayerFile);
data/kic-2.4a/src/bin/kictostr.c:470:17: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(ltable,"%s %d %d",buffer,&j,&k) < 3) {
data/kic-2.4a/src/bin/kictostr.c:471:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,emesg,LayerFile);
data/kic-2.4a/src/bin/kictostr.c:620:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(MasterName,0) != 0) {
data/kic-2.4a/src/bin/kictostr.c:632:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMStructure.str_name, unalias(MasterName));
data/kic-2.4a/src/bin/kictostr.c:634:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMStructure.str_name, MasterName);
data/kic-2.4a/src/bin/kictostr.c:652:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMAref.ar_name, unalias(SymbolName));
data/kic-2.4a/src/bin/kictostr.c:654:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMAref.ar_name, SymbolName);
data/kic-2.4a/src/bin/kictostr.c:678:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMAref.ar_prop.prp_propval
data/kic-2.4a/src/bin/kictostr.c:736:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMSref.sr_name, unalias(SymbolName));
data/kic-2.4a/src/bin/kictostr.c:738:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMSref.sr_name, SymbolName);
data/kic-2.4a/src/bin/kictostr.c:758:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMSref.sr_prop.prp_propval
data/kic-2.4a/src/bin/kictostr.c:824:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DefaultProperty.prp_propval
data/kic-2.4a/src/bin/kictostr.c:870:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PrptyDesc->prpty_String,"%s %d",garbage,&i);
data/kic-2.4a/src/bin/kictostr.c:926:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PrptyDesc->prpty_String,
data/kic-2.4a/src/bin/kictostr.c:1809:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(s,"%s %s",wl->dosname,wl->strname) != 2) {
data/kic-2.4a/src/bin/scale.c:112:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TECH_EXT,Tech);
data/kic-2.4a/src/bin/scale.c:128:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Root, argv[1]);
data/kic-2.4a/src/bin/scale.c:134:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(tmp,"%s",Root) != 1)
data/kic-2.4a/src/bin/scale.c:140:11: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
tmp = mktemp(tf1);
data/kic-2.4a/src/bin/scale.c:141:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TmpFile,"%s.CIF",tmp);
data/kic-2.4a/src/bin/scale.c:144:11: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
tmp = mktemp(tf2);
data/kic-2.4a/src/bin/scale.c:145:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(JnkFile,"%s.KIC",tmp);
data/kic-2.4a/src/bin/scale.c:167:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Root,"DEL %s;*",TmpFile);
data/kic-2.4a/src/bin/scale.c:168:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(Root);
data/kic-2.4a/src/bin/scale.c:169:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Root,"DEL %s;*",JnkFile);
data/kic-2.4a/src/bin/scale.c:170:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(Root);
data/kic-2.4a/src/bin/strmtext.c:147:16: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define prterr fprintf
data/kic-2.4a/src/bin/strtokic.c:266:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(RootSymbol,nextarg());
data/kic-2.4a/src/bin/strtokic.c:279:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(RootFileName,nextarg());
data/kic-2.4a/src/bin/strtokic.c:295:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LayerFile,nextarg());
data/kic-2.4a/src/bin/strtokic.c:321:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TECH_EXT,Tech);
data/kic-2.4a/src/bin/strtokic.c:342:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(Tmp,"%s",StreamFile) != 1)
data/kic-2.4a/src/bin/strtokic.c:360:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(LayerFile,TECHFILE);
data/kic-2.4a/src/bin/strtokic.c:365:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(LayerFile,"%s%c%s",DEFAULTLTAB,DIRC,"ltab");
data/kic-2.4a/src/bin/strtokic.c:457:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(HeaderCopy->hd_Text,cbuf);
data/kic-2.4a/src/bin/strtokic.c:501:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(HeaderCopy->hd_Text,"%s %s",cbuf,cbuf+44);
data/kic-2.4a/src/bin/strtokic.c:519:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(HeaderCopy->hd_Text,"%s %s %s %s",cbuf,
data/kic-2.4a/src/bin/strtokic.c:541:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(HeaderCopy->hd_Text,cbuf);
data/kic-2.4a/src/bin/strtokic.c:667:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CurrentSymbol,cbuf);
data/kic-2.4a/src/bin/strtokic.c:1130:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string,cbuf);
data/kic-2.4a/src/bin/strtokic.c:1348:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(SymbolNames[NumSymbols],name);
data/kic-2.4a/src/bin/strtokic.c:1430:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cbuf,buf1);
data/kic-2.4a/src/bin/strtokic.c:1435:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cbuf,buf1);
data/kic-2.4a/src/bin/strtokic.c:1511:13: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(fp,"%s %d %d",LayerNames[i],
data/kic-2.4a/src/bin/strtokic.c:1534:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(buf + 10,"%s",name) != 1)
data/kic-2.4a/src/bin/strtokic.c:1560:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LayerNames[NumLayerTable],name);
data/kic-2.4a/src/bin/strtokic.c:1754:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"\nError: %s %s.\n",str,what);
data/kic-2.4a/src/bin/strtokic.c:1755:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderror,buf);
data/kic-2.4a/src/bin/strtokic.c:1767:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"\nError: %s %s at offset %d.\n",str,what,CurrentOffset);
data/kic-2.4a/src/bin/strtokic.c:1768:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderror,buf);
data/kic-2.4a/src/bin/strtokic.c:1781:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"\nError: %s %d at offset %d.\n",str,type,CurrentOffset);
data/kic-2.4a/src/bin/strtokic.c:1782:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderror,buf);
data/kic-2.4a/src/bin/strtokic.c:1794:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"\nWarning: %s for instance %s in symbol %s at offset %d.\n",
data/kic-2.4a/src/bin/strtokic.c:1796:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderror,buf);
data/kic-2.4a/src/bin/strtokic.c:1808:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"\nWarning: %s %d in symbol %s at offset %d.\n",
data/kic-2.4a/src/bin/strtokic.c:1865:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wl->strname,strname);
data/kic-2.4a/src/bin/strtokic.c:1876:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wl->strname,strname);
data/kic-2.4a/src/bin/strtokic.c:1922:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(s,"%s %s",wl->dosname,wl->strname) != 2) {
data/kic-2.4a/src/bin/strtokic.c:2288:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"can't open file %s for reading",name);
data/kic-2.4a/src/bin/strtokic.c:2315:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"format error in %s",name);
data/kic-2.4a/src/cd/actions.c:140:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymTabNames[CDDesc.dNumSymbolTable],
data/kic-2.4a/src/cd/actions.c:173:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymTabNames[CDDesc.dNumSymbolTable],
data/kic-2.4a/src/cd/actions.c:207:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymTabNames[CDDesc.dNumSymbolTable],
data/kic-2.4a/src/cd/actions.c:244:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolName,PrevName);
data/kic-2.4a/src/cd/actions.c:246:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymTabNames[CDDesc.dNumSymbolTable],
data/kic-2.4a/src/cd/actions.c:257:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(PrevName,CDDesc.dSymbolName);
data/kic-2.4a/src/cd/actions.c:283:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymTabNames[CDDesc.dNumSymbolTable],
data/kic-2.4a/src/cd/actions.c:348:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut," Symbol %s ",CDDesc.dSymbolName);
data/kic-2.4a/src/cd/actions.c:556:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut," %s",CDDesc.dSymTabNames[Int1]);
data/kic-2.4a/src/cd/actions.c:563:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut," %s",CDDesc.dSymbolName);
data/kic-2.4a/src/cd/actions.c:585:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolName,CDDesc.dSymTabNames[Int1]);
data/kic-2.4a/src/cd/actions.c:1002:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(&(Text[1]),"%s%d%d%s",Label,&X,&Y,TypeOut) < 4)
data/kic-2.4a/src/cd/actions.c:1012:21: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(&(Text[1]),"%s%d%d",Label,&X,&Y);
data/kic-2.4a/src/cd/actions.c:1013:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"4 %s %d %d",Label,SCALE(X),SCALE(Y));
data/kic-2.4a/src/cd/actions.c:1020:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(&(Text[1]),"%s%d%d%d",Label,&X,&Y,&Layer);
data/kic-2.4a/src/cd/actions.c:1026:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"4 %s %d %d",Label,SCALE(X),SCALE(Y));
data/kic-2.4a/src/cd/actions.c:1035:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolName,&(Text[1]));
data/kic-2.4a/src/cd/actions.c:1036:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(CDDesc.dSymbolName,Text);
data/kic-2.4a/src/cd/actions.c:1061:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(&(Text[1]),"%s%d%d%d",Label,&X,&Y,&Xform);
data/kic-2.4a/src/cd/actions.c:1086:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolName,Text+X);
data/kic-2.4a/src/cd/actions.c:1091:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(Text,"%s",TypeOut);
data/kic-2.4a/src/cd/actions.c:1093:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(Text,"%s%d%d%d%d",TypeOut,&CDDesc.dNumX,&CDDesc.dDX,
data/kic-2.4a/src/cd/actions.c:1117:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(PDesc->prpty_String,&(Text[i]));
data/kic-2.4a/src/cd/cd.c:369:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolName,SymbolName);
data/kic-2.4a/src/cd/cd.c:370:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolDesc->sName,CDDesc.dSymbolName);
data/kic-2.4a/src/cd/cd.c:412:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDStatusString,StatusString);
data/kic-2.4a/src/cd/cd.c:435:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(CDStatusString,
data/kic-2.4a/src/cd/cd.c:457:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolName,SymbolName);
data/kic-2.4a/src/cd/cd.c:458:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDDesc.dSymbolDesc->sName,CDDesc.dSymbolName);
data/kic-2.4a/src/cd/cd.c:984:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LabelDesc->laLabel,Label);
data/kic-2.4a/src/cd/cd.c:1211:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MasterListDesc->mName,SymbolName);
data/kic-2.4a/src/cd/cd.c:1221:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(CDStatusString,"Symbol %s not found.",
data/kic-2.4a/src/cd/cd.c:1991:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prptyDesc->prpty_String,String);
data/kic-2.4a/src/cd/cd.c:2900:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDStatusString,StatusString);
data/kic-2.4a/src/cd/cd.c:2927:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDStatusString,StatusString);
data/kic-2.4a/src/cd/cd.c:2967:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(CDStatusString,"Can't open file %s.",Root);
data/kic-2.4a/src/cd/cd.c:3034:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDStatusString,StatusString);
data/kic-2.4a/src/cd/cd.c:3045:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CDStatusString,StatusString);
data/kic-2.4a/src/cd/cd.c:3054:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(CDStatusString,"Master %s doesn't seem to be around.\n",
data/kic-2.4a/src/cd/cd.c:3065:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(CDStatusString,
data/kic-2.4a/src/cd/gencif.c:217:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,buf1);
data/kic-2.4a/src/cd/gencif.c:222:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,buf1);
data/kic-2.4a/src/cd/parser.c:650:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(PStatus,"%s Failed at around %s.",PErrorMessage,PString);
data/kic-2.4a/src/cd/parser.c:679:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Undefined layer: %c%s. ",Tech,Mask);
data/kic-2.4a/src/convert/convert.c:295:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(StreamFileName,Parameters.kpCellName);
data/kic-2.4a/src/convert/convert.c:297:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(StreamFileName, GDS_SUFFIX);
data/kic-2.4a/src/convert/convert.c:301:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(StreamFileName,s);
data/kic-2.4a/src/convert/convert.c:305:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access(StreamFileName,0))
data/kic-2.4a/src/convert/convert.c:335:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PDesc->prpty_String,"%s",STRMLibrary->lib_name);
data/kic-2.4a/src/convert/convert.c:338:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PDesc->prpty_String,"%s %s",STRMLibrary->lib_lib1,
data/kic-2.4a/src/convert/convert.c:342:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PDesc->prpty_String,"%s %s %s %s",
data/kic-2.4a/src/convert/convert.c:350:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PDesc->prpty_String,"%s",STRMLibrary->lib_attr);
data/kic-2.4a/src/convert/convert.c:367:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Translation of %s failed.",Parameters.kpCellName);
data/kic-2.4a/src/convert/convert.c:371:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Translation of %s succeeded.",Parameters.kpCellName);
data/kic-2.4a/src/convert/convert.c:402:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Converting: %s",MasterName);
data/kic-2.4a/src/convert/convert.c:458:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMStructure->str_name,unalias(MasterName));
data/kic-2.4a/src/convert/convert.c:473:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMAref->ar_name,unalias(SymbolName));
data/kic-2.4a/src/convert/convert.c:546:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(STRMSref->sr_name,unalias(SymbolName));
data/kic-2.4a/src/convert/convert.c:677:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PDesc->prpty_String,"%s %d",garbage,&i);
data/kic-2.4a/src/convert/convert.c:733:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(PDesc->prpty_String,
data/kic-2.4a/src/convert/convert.c:1628:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CIFFile,Parameters.kpCellName);
data/kic-2.4a/src/convert/convert.c:1634:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CIFFile,s);
data/kic-2.4a/src/convert/convert.c:1636:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access(CIFFile,0))
data/kic-2.4a/src/convert/convert.c:1645:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Translation of %s failed. MORE",
data/kic-2.4a/src/convert/convert.c:1652:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Translation of %s succeeded.",
data/kic-2.4a/src/convert/convert.c:1673:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CIFFile,s);
data/kic-2.4a/src/convert/convert.c:1675:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"CIF file %s not found.",CIFFile);
data/kic-2.4a/src/convert/convert.c:1686:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Translation of %s failed. MORE",CIFFile);
data/kic-2.4a/src/convert/convert.c:1692:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Translation of %s succeeded.",CIFFile);
data/kic-2.4a/src/convert/convert1.c:157:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't open stream file %s.",cp);
data/kic-2.4a/src/convert/convert1.c:202:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"( LIBNAME %s )",cbuf);
data/kic-2.4a/src/convert/convert1.c:224:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%s %s",cbuf,cbuf+44);
data/kic-2.4a/src/convert/convert1.c:231:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%s %s %s %s",cbuf,cbuf+44,cbuf+88,cbuf+132);
data/kic-2.4a/src/convert/convert1.c:247:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"( ATTRIBUTE TABLE %s )",cbuf);
data/kic-2.4a/src/convert/convert1.c:319:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CurrentSymbol,cbuf);
data/kic-2.4a/src/convert/convert1.c:323:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Converting: %s",cbuf);
data/kic-2.4a/src/convert/convert1.c:325:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Converting: %-30s(new name: %s)",cbuf,c);
data/kic-2.4a/src/convert/convert1.c:748:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string,cbuf);
data/kic-2.4a/src/convert/convert1.c:871:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Warning: Undefined symbol %s.",cbuf);
data/kic-2.4a/src/convert/convert1.c:1023:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cbuf,buf1);
data/kic-2.4a/src/convert/convert1.c:1028:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cbuf,buf1);
data/kic-2.4a/src/convert/convert1.c:1143:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Error: %s %s at offset %d.",str,what,CurrentOffset);
data/kic-2.4a/src/convert/convert1.c:1155:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Error: %s %d at offset %d.",str,type,CurrentOffset);
data/kic-2.4a/src/convert/convert1.c:1166:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Warning: %s for instance %s in symbol %s at offset %d.",
data/kic-2.4a/src/convert/convert1.c:1178:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Warning: %s %d in symbol %s at offset %d.",
data/kic-2.4a/src/convert/convert1.c:1357:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wl->strname,strname);
data/kic-2.4a/src/convert/convert1.c:1368:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wl->strname,strname);
data/kic-2.4a/src/convert/convert1.c:1418:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(s,"%s %s",wl->dosname,wl->strname) != 2) {
data/kic-2.4a/src/ginterf/fb.c:587:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(editBuf,s);
data/kic-2.4a/src/ginterf/fb.c:641:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(editBuf,++editC);
data/kic-2.4a/src/ginterf/fb.c:660:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(editBuf,++editC);
data/kic-2.4a/src/ginterf/fb.c:693:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf,editC);
data/kic-2.4a/src/ginterf/fb.c:695:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(++editC,tbuf);
data/kic-2.4a/src/ginterf/wfb.c:1639:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCellName, buf);
data/kic-2.4a/src/ginterf/wfb.c:1677:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lf.lfFaceName, MSW_FIXED_FONT);
data/kic-2.4a/src/ginterf/wfb.c:1850:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(editBuf,s);
data/kic-2.4a/src/ginterf/wfb.c:1904:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(editBuf,++editC);
data/kic-2.4a/src/ginterf/wfb.c:1923:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(editBuf,++editC);
data/kic-2.4a/src/ginterf/wfb.c:1956:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf,editC);
data/kic-2.4a/src/ginterf/wfb.c:1958:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(++editC,tbuf);
data/kic-2.4a/src/help/readhelp.c:257:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf(buf,"%s/%s",HELPPATH,DBFILE);
data/kic-2.4a/src/help/textdisp.c:328:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, args);
data/kic-2.4a/src/help/textdisp.c:344:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, args);
data/kic-2.4a/src/help/textdisp.c:360:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, args);
data/kic-2.4a/src/help/textdisp.c:382:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, &args);
data/kic-2.4a/src/help/textdisp.c:384:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, args);
data/kic-2.4a/src/help/textdisp.c:404:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, &args);
data/kic-2.4a/src/help/textdisp.c:406:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, args);
data/kic-2.4a/src/help/textdisp.c:426:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, &args);
data/kic-2.4a/src/help/textdisp.c:428:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(buf, fmt, args);
data/kic-2.4a/src/help/textdisp.c:450:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(p, str);
data/kic-2.4a/src/help/textdisp.c:506:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (c && !access(c,0)) {
data/kic-2.4a/src/help/textdisp.c:507:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,c);
data/kic-2.4a/src/help/textdisp.c:509:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,s);
data/kic-2.4a/src/kic/attri.c:531:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,
data/kic-2.4a/src/kic/basic.c:96:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Cell %s has been modified. Save it? (y) ",
data/kic-2.4a/src/kic/basic.c:109:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't save %s.",Parameters.kpCellName);
data/kic-2.4a/src/kic/basic.c:232:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCellName,CellName);
data/kic-2.4a/src/kic/basic.c:255:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't edit cell %s. MORE",Parameters.kpCellName);
data/kic-2.4a/src/kic/basic.c:258:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%s",CDStatusString);
data/kic-2.4a/src/kic/basic.c:266:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpTopName,Parameters.kpCellName);
data/kic-2.4a/src/kic/basic.c:301:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Title,"KIC-%s (%s)",VersionString,Parameters.kpCellName);
data/kic-2.4a/src/kic/basic.c:342:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(NewName,TypeIn);
data/kic-2.4a/src/kic/basic.c:508:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p,cname);
data/kic-2.4a/src/kic/contexts.c:108:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(New->ccMaster,Parameters.kpCellName);
data/kic-2.4a/src/kic/contexts.c:117:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCellName,MasterName);
data/kic-2.4a/src/kic/contexts.c:170:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't edit cell %s. MORE",Parameters.kpCellName);
data/kic-2.4a/src/kic/contexts.c:173:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%s",CDStatusString);
data/kic-2.4a/src/kic/contexts.c:212:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't display %s. MORE",
data/kic-2.4a/src/kic/contexts.c:224:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't write cell %s. MORE",NewName);
data/kic-2.4a/src/kic/contexts.c:304:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCellName,Context->ccMaster);
data/kic-2.4a/src/kic/contexts.c:340:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Cell %s has been modified. Save it? (y) ",
data/kic-2.4a/src/kic/contexts.c:354:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't save %s.",Cx->ccMaster);
data/kic-2.4a/src/kic/contexts.c:404:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TTmp,Parameters.kpSelectTypes);
data/kic-2.4a/src/kic/contexts.c:408:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpSelectTypes,TTmp);
data/kic-2.4a/src/kic/dir.c:152:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(b,"%-*s",colw,wl->l_word);
data/kic-2.4a/src/kic/dir.c:292:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s%c%s",dir,DIR_TERM,de->d_name);
data/kic-2.4a/src/kic/dir.c:332:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,dir);
data/kic-2.4a/src/kic/dir.c:358:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dd.d_name,((struct find_t *)d)->name);
data/kic-2.4a/src/kic/erase.c:48:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TTmp,Parameters.kpSelectTypes);
data/kic-2.4a/src/kic/erase.c:49:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpSelectTypes,Types);
data/kic-2.4a/src/kic/erase.c:121:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpSelectTypes,TTmp);
data/kic-2.4a/src/kic/hcopy.c:153:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpHardcopyDevice,outname);
data/kic-2.4a/src/kic/hcopy.c:203:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pname,outname);
data/kic-2.4a/src/kic/hcopy.c:205:19: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
outname = mktemp(tf);
data/kic-2.4a/src/kic/hcopy.c:254:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%s %s; unlink %s &",pname,outname,outname);
data/kic-2.4a/src/kic/hcopy.c:255:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(TypeOut);
data/kic-2.4a/src/kic/hcopy.c:402:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"KIC-%s Cell: %s ",VersionString,s);
data/kic-2.4a/src/kic/instance.c:60:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Current master cell is %s. New master? ",
data/kic-2.4a/src/kic/instance.c:71:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CurInstance.Name,TypeIn);
data/kic-2.4a/src/kic/instance.c:242:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,CurInstance.Name);
data/kic-2.4a/src/kic/instance.c:247:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CurInstance.Name,name);
data/kic-2.4a/src/kic/instance.c:257:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CurInstance.Name,buf);
data/kic-2.4a/src/kic/instance.c:401:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't create symbol %s.",TypeIn);
data/kic-2.4a/src/kic/instance.c:481:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"New symbol %s created and saved.",TypeIn);
data/kic-2.4a/src/kic/instance.c:495:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Can't display cell %s. MORE",Master);
data/kic-2.4a/src/kic/instance.c:505:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,
data/kic-2.4a/src/kic/labels.c:212:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TypeOut,Label);
data/kic-2.4a/src/kic/logo.c:83:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%s%c%s",PATH_TO_HELP,DIRC,FONT_FILE);
data/kic-2.4a/src/kic/logo.c:106:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
while (!access(name,0)) {
data/kic-2.4a/src/kic/logo.c:128:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"Symbol %s",name);
data/kic-2.4a/src/kic/logo.c:161:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"New symbol %s created, point to place.",name);
data/kic-2.4a/src/kic/measure.c:126:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%d %s; %d %s; %d %s/%s MORE",VariablesValue,
data/kic-2.4a/src/kic/measure.c:131:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%d %s; %d %s MORE",VariablesValue,VariablesName,
data/kic-2.4a/src/kic/point.c:256:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCommand,MenuEXIT);
data/kic-2.4a/src/kic/point.c:362:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,
data/kic-2.4a/src/kic/point.c:418:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCommand,Menu[Int3].mEntry);
data/kic-2.4a/src/kic/point.c:914:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpCommand,Menu[Row-1].mEntry);
data/kic-2.4a/src/kic/prpty.c:85:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(String,TypeIn);
data/kic-2.4a/src/kic/prpty.c:178:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbf, TEMPFILE);
data/kic-2.4a/src/kic/prpty.c:179:10: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
tf = mktemp(tbf);
data/kic-2.4a/src/kic/prpty.c:186:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1,"%s.LIS", tf);
data/kic-2.4a/src/kic/prpty.c:188:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, tf);
data/kic-2.4a/src/kic/prpty.c:198:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbf, t);
data/kic-2.4a/src/kic/prpty.c:199:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, tbf);
data/kic-2.4a/src/kic/redispla.c:370:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"%d/%d %s",NumX,NumY,MasterName);
data/kic-2.4a/src/kic/redispla.c:371:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(TypeOut,"%s",MasterName);
data/kic-2.4a/src/kic/select.c:694:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut,"You have selected an instance of %s.",SymbolName);
data/kic-2.4a/src/kic/select.c:735:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TTmp,Parameters.kpSelectTypes);
data/kic-2.4a/src/kic/select.c:739:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpSelectTypes,TTmp);
data/kic-2.4a/src/kic/techfile.c:203:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(inbuf+i, "%x %x %x %x %x %x %x %x %s",
data/kic-2.4a/src/kic/techfile.c:238:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(inbuf+i, "%x %x %x %x %x %x %x %x %s",
data/kic-2.4a/src/kic/techfile.c:345:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Parameters.kpHardcopyDevice,inbuf + i);
data/kic-2.4a/src/kic/viewport.c:728:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m1,Menu[Index].mEntry);
data/kic-2.4a/src/kic/viewport.c:731:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m2,Menu[j].mEntry);
data/kic-2.4a/src/kic/viewport.c:735:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Menu[k].mPrefix,Menu[k+1].mPrefix);
data/kic-2.4a/src/kic/viewport.c:899:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(BackPrompt,buffer);
data/kic-2.4a/src/kic/viewport.c:906:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(BackPrompt,buffer);
data/kic-2.4a/src/kic/viewport.c:941:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(BackPrompt,s);
data/kic-2.4a/src/kic/viewport.c:1273:11: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
tmp = mktemp(tf);
data/kic-2.4a/src/kic/viewport.c:1274:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpname,"%s.LIS",tmp);
data/kic-2.4a/src/kic/viewport.c:1286:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s%s %s",cp,tmp,bp);
data/kic-2.4a/src/kic/viewport.c:1294:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/kic-2.4a/src/kic/viewport.c:1301:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"DELETE %s;*",tmp);
data/kic-2.4a/src/kic/viewport.c:1302:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buffer);
data/kic-2.4a/src/kic/viewport.c:1313:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(cp);
data/kic-2.4a/src/kic/viewport.c:1320:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s > tmp__kic.__t",cp);
data/kic-2.4a/src/kic/viewport.c:1321:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(buffer);
data/kic-2.4a/src/kic/viewport.c:1353:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("xterm &");
data/kic-2.4a/src/kic/viewport.c:1377:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut, "Current working directory now %s", dir);
data/kic-2.4a/src/kic/viewport.c:1379:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TypeOut, "Directory change to %s failed", dir);
data/kic-2.4a/src/kic/viewport.c:1391:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s > tmp__kic.__t",cp);
data/kic-2.4a/src/kic/viewport.c:1392:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(buffer);
data/kic-2.4a/src/kic/viewport.c:1471:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sh", "sh", "-c", cmd, 0);
data/kic-2.4a/src/xmfb/mfb.c:239:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mfbInitMessage, DeviceName ? DeviceName : "");
data/kic-2.4a/src/xmfb/mfb.c:245:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mfbInitMessage, DisplayString(mydisplay));
data/kic-2.4a/src/xmfb/mfb.c:1810:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,text);
data/kic-2.4a/src/xmfb/mfbtext.c:771:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(myfontname, List[topline + i]);
data/kic-2.4a/src/bin/global.c:319:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
startupdir = getenv("KIC_LIB_DIR");
data/kic-2.4a/src/bin/kicmain.c:477:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
FB.fDisplay = CopyString(getenv("DISPLAY"));
data/kic-2.4a/src/bin/kicmain.c:1208:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
c = getenv("SRWDRV");
data/kic-2.4a/src/cd/paths.c:134:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("HOME") == NULL)
data/kic-2.4a/src/cd/paths.c:156:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
length = strlen(getenv("HOME"));
data/kic-2.4a/src/cd/paths.c:160:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strncpy(*pdest, getenv("HOME"), length);
data/kic-2.4a/src/help/textdisp.c:502:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
static char buf[128], *c, *getenv();
data/kic-2.4a/src/help/textdisp.c:504:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
c = getenv("TMP");
data/kic-2.4a/src/kic/viewport.c:1232:10: [3] (shell) CreateProcess:
This causes a new process to execute and is difficult to use safely
(CWE-78). Specify the application path in the first argument, NOT as part
of the second, or embedded spaces could allow an attacker to force a
different program to run.
if (!CreateProcess(0, cmdline, 0, 0, True, flags,
data/kic-2.4a/src/kic/viewport.c:1232:10: [3] (shell) CreateProcess:
This causes a new process to execute and is difficult to use safely
(CWE-78). Specify the application path in the first argument, NOT as part
of the second, or embedded spaces could allow an attacker to force a
different program to run.
if (!CreateProcess(0, cmdline, 0, 0, True, flags,
data/kic-2.4a/src/kic/viewport.c:1346:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *shellpath = getenv("SHELL");
data/kic-2.4a/src/kic/viewport.c:1348:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
shellpath = getenv("COMSPEC");
data/kic-2.4a/src/kic/viewport.c:1372:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dir = getenv("HOME");
data/kic-2.4a/src/bin/ciftokic.c:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CIFFile[81], *Tmp;
data/kic-2.4a/src/bin/ciftokic.c:95:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(CIFFile,"r");
data/kic-2.4a/src/bin/global.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], *s, *p;
data/kic-2.4a/src/bin/global.c:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], *s, *t, *dir;
data/kic-2.4a/src/bin/global.c:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/kic-2.4a/src/bin/global.c:376:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf, "r");
data/kic-2.4a/src/bin/global.c:386:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf, "r");
data/kic-2.4a/src/bin/global.c:396:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf,"r");
data/kic-2.4a/src/bin/global.c:406:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf,"r");
data/kic-2.4a/src/bin/kicmain.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *CellNames[MAXCELLS]; /* Cell names in argumnet list */
data/kic-2.4a/src/bin/kicmain.c:694:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char String[161];
data/kic-2.4a/src/bin/kicmain.c:711:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((TechFileDesc = fopen(String,"w")) == NULL) {
data/kic-2.4a/src/bin/kicmain.c:980:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cifplot = fopen("cifplot","w")) == NULL) {
data/kic-2.4a/src/bin/kicmain.c:1136:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp, buf[256];
data/kic-2.4a/src/bin/kicmain.c:1137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tn[32];
data/kic-2.4a/src/bin/kicmain.c:1140:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tn, "KcXXXXXX");
data/kic-2.4a/src/bin/kicmain.c:1143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "Memory allocation error. ");
data/kic-2.4a/src/bin/kicmain.c:1147:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"Sorry, couldn't save current cell.");
data/kic-2.4a/src/bin/kicmain.c:1149:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"Current cell saved in ");
data/kic-2.4a/src/bin/kicmain.c:1199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[32], *c;
data/kic-2.4a/src/bin/kicmain.c:1207:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cp_out = fopen("NUL","w");
data/kic-2.4a/src/bin/kicmain.c:1213:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cp_out = fopen("NUL","w");
data/kic-2.4a/src/bin/kicmain.c:1215:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cp_out = fopen("/dev/null","w");
data/kic-2.4a/src/bin/kicmain.c:1239:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Parameters.kpCommand,"plusretc");
data/kic-2.4a/src/bin/kicmain.c:1247:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Parameters.kpCommand,"rotate");
data/kic-2.4a/src/bin/kicmain.c:1253:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Parameters.kpCommand,"mirror");
data/kic-2.4a/src/bin/kicmain.c:1259:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Parameters.kpCommand,"tbrl");
data/kic-2.4a/src/bin/kicmain.c:1264:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Parameters.kpCommand,"a45s");
data/kic-2.4a/src/bin/kictocif.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Root[81];
data/kic-2.4a/src/bin/kictocif.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Path[81];
data/kic-2.4a/src/bin/kictocif.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CIFFile[81];
data/kic-2.4a/src/bin/kictocif.c:152:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(CIFFile, ".cif");
data/kic-2.4a/src/bin/kictostr.c:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Root[81];
data/kic-2.4a/src/bin/kictostr.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char StreamFileName[81];
data/kic-2.4a/src/bin/kictostr.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LayerFile[81];
data/kic-2.4a/src/bin/kictostr.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Path[81];
data/kic-2.4a/src/bin/kictostr.c:310:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(STRMLibrary.lib_name,"KICTOSTREAM");
data/kic-2.4a/src/bin/kictostr.c:455:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/kic-2.4a/src/bin/kictostr.c:459:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ltable = fopen(LayerFile,"r")) == NULL) {
data/kic-2.4a/src/bin/kictostr.c:569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char garbage[120];
data/kic-2.4a/src/bin/kictostr.c:916:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(STRMText.txt_text,Label,44);
data/kic-2.4a/src/bin/kictostr.c:1695:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b[8];
data/kic-2.4a/src/bin/kictostr.c:1793:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[80], *c;
data/kic-2.4a/src/bin/kictostr.c:1796:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(ALIASFILE,"r")) == NULL) return;
data/kic-2.4a/src/bin/scale.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Root[81];
data/kic-2.4a/src/bin/scale.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TmpFile[81];
data/kic-2.4a/src/bin/scale.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char JnkFile[81];
data/kic-2.4a/src/bin/scale.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf1[32], tf2[32];
data/kic-2.4a/src/bin/scale.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tf1,"SCLXXXXXX");
data/kic-2.4a/src/bin/scale.c:143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tf2,"SCLXXXXXX");
data/kic-2.4a/src/bin/strmtext.c:202:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((STREAMFILE = fopen(*++argv,"rb")) == NULL){
data/kic-2.4a/src/bin/strmtext.c:212:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((outfile = fopen(*++argv,"w")) == NULL){
data/kic-2.4a/src/bin/strmtext.c:250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXRECSIZE];
data/kic-2.4a/src/bin/strmtext.c:641:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned short i[4]; unsigned char c[8];} u;
data/kic-2.4a/src/bin/strmtext.c:692:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { short i; char c[2];} si;
data/kic-2.4a/src/bin/strmtext.c:717:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union {int l; char c[4];} sl;
data/kic-2.4a/src/bin/strmtext.c:784:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { short i; char c[2];} si;
data/kic-2.4a/src/bin/strmtext.c:888:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union {double d; char c[8];} bf;
data/kic-2.4a/src/bin/strtokic.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hd_Text[512];
data/kic-2.4a/src/bin/strtokic.c:92:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *SymbolNames[MAXSYMBOLS];
data/kic-2.4a/src/bin/strtokic.c:93:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *LayerNames[256];
data/kic-2.4a/src/bin/strtokic.c:94:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CurrentSymbol[45];
data/kic-2.4a/src/bin/strtokic.c:95:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RootSymbol[45];
data/kic-2.4a/src/bin/strtokic.c:219:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXRECSIZE + 4];
data/kic-2.4a/src/bin/strtokic.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RootFileName[81];
data/kic-2.4a/src/bin/strtokic.c:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char StreamFile[81];
data/kic-2.4a/src/bin/strtokic.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LayerFile[81];
data/kic-2.4a/src/bin/strtokic.c:332:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((STREAMFILE = fopen((cp = argv[1]),"rb")) == NULL) {
data/kic-2.4a/src/bin/strtokic.c:345:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((STREAMFILE = fopen(StreamFile,"rb")) == NULL)
data/kic-2.4a/src/bin/strtokic.c:366:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(LayerFile,"r")) != NULL) {
data/kic-2.4a/src/bin/strtokic.c:387:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((stderror = fopen(cp = "strtokic.err","w")) == NULL)
data/kic-2.4a/src/bin/strtokic.c:394:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(RootFileName,"Root");
data/kic-2.4a/src/bin/strtokic.c:395:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((RootDesc = fopen(RootFileName,"w")) == NULL)
data/kic-2.4a/src/bin/strtokic.c:436:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(HeaderCopy->hd_Text,"%d",strm_ival(cbuf));
data/kic-2.4a/src/bin/strtokic.c:530:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(HeaderCopy->hd_Text,"%d",strm_ival(cbuf));
data/kic-2.4a/src/bin/strtokic.c:628:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned short i[4]; unsigned char c[8];} u;
data/kic-2.4a/src/bin/strtokic.c:875:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf,"W %d",pathwidth);
data/kic-2.4a/src/bin/strtokic.c:960:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SymbolNames[NumSymbols-1]+4,"%d",NumArefs);
data/kic-2.4a/src/bin/strtokic.c:1065:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SymbolNames[NumSymbols-1]+4,"%d",NumArefs);
data/kic-2.4a/src/bin/strtokic.c:1089:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp, string[48];
data/kic-2.4a/src/bin/strtokic.c:1283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/bin/strtokic.c:1286:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Illegal layer %d datatype",layer);
data/kic-2.4a/src/bin/strtokic.c:1302:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Undefined layer %d datatype",layer);
data/kic-2.4a/src/bin/strtokic.c:1331:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(name,"w")) == 0)
data/kic-2.4a/src/bin/strtokic.c:1423:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[40];
data/kic-2.4a/src/bin/strtokic.c:1427:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1," %d %d",xy[i+i],xy[i+i+1]);
data/kic-2.4a/src/bin/strtokic.c:1503:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/kic-2.4a/src/bin/strtokic.c:1513:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"line %d",i+2);
data/kic-2.4a/src/bin/strtokic.c:1526:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], name[45];
data/kic-2.4a/src/bin/strtokic.c:1545:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lnum = atoi(t);
data/kic-2.4a/src/bin/strtokic.c:1553:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dtyp = atoi(t);
data/kic-2.4a/src/bin/strtokic.c:1752:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/bin/strtokic.c:1765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/bin/strtokic.c:1779:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/bin/strtokic.c:1792:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/bin/strtokic.c:1806:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/bin/strtokic.c:1827:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dosname[10], *ext;
data/kic-2.4a/src/bin/strtokic.c:1894:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(ALIASFILE,"w");
data/kic-2.4a/src/bin/strtokic.c:1907:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[80], *c;
data/kic-2.4a/src/bin/strtokic.c:1910:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(ALIASFILE,"r")) == NULL) return;
data/kic-2.4a/src/bin/strtokic.c:2284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp, buf[80];
data/kic-2.4a/src/bin/strtokic.c:2286:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name,"r");
data/kic-2.4a/src/bin/strtokic.c:2327:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char keyword[40];
data/kic-2.4a/src/cd/actions.c:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char TypeOut[200];
data/kic-2.4a/src/cd/actions.c:229:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PrevName[FILENAMESIZE];
data/kic-2.4a/src/cd/actions.c:307:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDDesc.dSymTabNames[CDDesc.dNumSymbolTable],
data/kic-2.4a/src/cd/actions.c:338:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDDesc.dSymbolName,"Symbol%d",SymbolNum);
data/kic-2.4a/src/cd/actions.c:351:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut," Creation Date: %.24s ",ctime((time_t *)&Long1));
data/kic-2.4a/src/cd/actions.c:570:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDDesc.dSymbolName,"Symbol%d",SymbolNum);
data/kic-2.4a/src/cd/actions.c:571:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut," Symbol%d",SymbolNum);
data/kic-2.4a/src/cd/actions.c:587:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDDesc.dSymbolName,"Symbol%d",SymbolNum);
data/kic-2.4a/src/cd/actions.c:908:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lname[8];
data/kic-2.4a/src/cd/actions.c:926:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lnum = atoi(lname);
data/kic-2.4a/src/cd/actions.c:987:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Label[81];
data/kic-2.4a/src/cd/actions.c:1021:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%d ",Layer);
data/kic-2.4a/src/cd/actions.c:1149:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Out of memory.");
data/kic-2.4a/src/cd/cd.c:144:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char CDDiagnosticString[LARGEBUFFERSIZE];
data/kic-2.4a/src/cd/cd.c:313:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Null symbol name encountered.");
data/kic-2.4a/src/cd/cd.c:2916:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Can't open file Root.");
data/kic-2.4a/src/cd/cd.c:2959:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Can't open CIF file.");
data/kic-2.4a/src/cd/cd.c:3204:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"CD Out of memory.");
data/kic-2.4a/src/cd/cd.c:3208:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Can't allow a zero width box.");
data/kic-2.4a/src/cd/cd.c:3213:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Transform stack is full.");
data/kic-2.4a/src/cd/cd.c:3217:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Can't set search path.");
data/kic-2.4a/src/cd/cd.c:3221:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(CDStatusString,"Unknown Error.");
data/kic-2.4a/src/cd/gencif.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/kic-2.4a/src/cd/gencif.c:163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/kic-2.4a/src/cd/gencif.c:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/kic-2.4a/src/cd/gencif.c:180:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"W %d",Width);
data/kic-2.4a/src/cd/gencif.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/kic-2.4a/src/cd/gencif.c:194:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"W %d",Width);
data/kic-2.4a/src/cd/gencif.c:208:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[80];
data/kic-2.4a/src/cd/gencif.c:214:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1," %d %d",Pair->pX-X,Pair->pY-Y);
data/kic-2.4a/src/cd/nmalloc.c:113:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *nm_freelist[NM_MAX_INDEX + 1];
data/kic-2.4a/src/cd/parser.c:59:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PStatus[80*3+1];
data/kic-2.4a/src/cd/parser.c:62:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PString[PSTRINGSIZE];
data/kic-2.4a/src/cd/parser.c:507:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Technology,Mask[4];
data/kic-2.4a/src/cd/parser.c:678:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[35];
data/kic-2.4a/src/cd/paths.c:44:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen my_fopen
data/kic-2.4a/src/cd/paths.c:76:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATHSIZE];
data/kic-2.4a/src/cd/paths.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[35];
data/kic-2.4a/src/cd/paths.c:314:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char realname[NAMESIZE];
data/kic-2.4a/src/cd/paths.c:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extendedname[NAMESIZE], *p, *p2;
data/kic-2.4a/src/cd/paths.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[256];
data/kic-2.4a/src/cd/paths.c:382:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(file,mode));
data/kic-2.4a/src/cd/paths.c:397:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(realname, mode));
data/kic-2.4a/src/cd/paths.c:407:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(realname, mode));
data/kic-2.4a/src/cd/paths.c:424:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(file, mode)) != NULL)
data/kic-2.4a/src/cd/paths.c:438:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(realname, mode);
data/kic-2.4a/src/cd/paths.c:447:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef fopen
data/kic-2.4a/src/cd/paths.c:457:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *c, buf[8];
data/kic-2.4a/src/cd/paths.c:466:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(what,buf);
data/kic-2.4a/src/cd/xforms.c:394:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)Storage,
data/kic-2.4a/src/cd/xforms.c:403:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)Transforms->ttMatrix,
data/kic-2.4a/src/cd/xforms.c:412:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)Transforms->ttMatrix,
data/kic-2.4a/src/convert/convert.c:138:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfp = fopen(logfile,"w");
data/kic-2.4a/src/convert/convert.c:145:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfp = fopen(logfile,"w");
data/kic-2.4a/src/convert/convert.c:151:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfp = fopen(logfile,"w");
data/kic-2.4a/src/convert/convert.c:158:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfp = fopen(logfile,"w");
data/kic-2.4a/src/convert/convert.c:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char StreamFileName[81];
data/kic-2.4a/src/convert/convert.c:303:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(STRMLibrary->lib_name,"KICTOSTREAM");
data/kic-2.4a/src/convert/convert.c:613:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char garbage[80],*Label;
data/kic-2.4a/src/convert/convert.c:724:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(STRMText->txt_text,Label,44);
data/kic-2.4a/src/convert/convert.c:1542:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b[8];
data/kic-2.4a/src/convert/convert.c:1621:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CIFFile[81];
data/kic-2.4a/src/convert/convert.c:1630:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(CIFFile,".cif");
data/kic-2.4a/src/convert/convert.c:1665:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s,CIFFile[81],type;
data/kic-2.4a/src/convert/convert.c:1682:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"CIF file type: %c",type);
data/kic-2.4a/src/convert/convert1.c:49:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char CurrentSymbol[45];
data/kic-2.4a/src/convert/convert1.c:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXRECSIZE + 4];
data/kic-2.4a/src/convert/convert1.c:155:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
StreamFile = fopen(cp,"rb");
data/kic-2.4a/src/convert/convert1.c:169:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Translation failed.");
data/kic-2.4a/src/convert/convert1.c:175:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Building symbol table.");
data/kic-2.4a/src/convert/convert1.c:190:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%d",strm_ival(cbuf));
data/kic-2.4a/src/convert/convert1.c:192:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"( VERSION %d )",strm_ival(cbuf));
data/kic-2.4a/src/convert/convert1.c:238:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%d",strm_ival(cbuf));
data/kic-2.4a/src/convert/convert1.c:240:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"( GENERATIONS %d )",strm_ival(cbuf));
data/kic-2.4a/src/convert/convert1.c:255:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Warning: unknown record type %d",type);
data/kic-2.4a/src/convert/convert1.c:273:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Translation complete.");
data/kic-2.4a/src/convert/convert1.c:503:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf,"W %d",pathwidth);
data/kic-2.4a/src/convert/convert1.c:582:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SymbolNames[NumSymbols-1]+4,"%d",NumArefs);
data/kic-2.4a/src/convert/convert1.c:682:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SymbolNames[NumSymbols-1]+4,"%d",NumArefs);
data/kic-2.4a/src/convert/convert1.c:707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp, string[48];
data/kic-2.4a/src/convert/convert1.c:885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/convert/convert1.c:888:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Illegal layer %d datatype",layer);
data/kic-2.4a/src/convert/convert1.c:912:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Undefined layer %d datatype",layer);
data/kic-2.4a/src/convert/convert1.c:929:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(name,"w")) == 0)
data/kic-2.4a/src/convert/convert1.c:1016:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[40];
data/kic-2.4a/src/convert/convert1.c:1020:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1," %d %d",xy[i+i],xy[i+i+1]);
data/kic-2.4a/src/convert/convert1.c:1319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dosname[10], *ext;
data/kic-2.4a/src/convert/convert1.c:1386:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(ALIASFILE,"w");
data/kic-2.4a/src/convert/convert1.c:1403:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[80], *c;
data/kic-2.4a/src/convert/convert1.c:1406:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(ALIASFILE,"r")) == NULL) return;
data/kic-2.4a/src/ginterf/fb.c:241:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2];
data/kic-2.4a/src/ginterf/fb.c:556:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char editBuf[128], *editC;
data/kic-2.4a/src/ginterf/fb.c:572:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[128];
data/kic-2.4a/src/ginterf/fb.c:574:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *end, ctmp[2];
data/kic-2.4a/src/ginterf/ginterf.c:153:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plotfile = fopen(name, "w");
data/kic-2.4a/src/ginterf/ginterf.c:240:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"\033*b%dW",gp->bytpline);
data/kic-2.4a/src/ginterf/ginterf.c:246:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c,rgen,gp->bytpline);
data/kic-2.4a/src/ginterf/ginterf.c:275:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hexc[16] =
data/kic-2.4a/src/ginterf/ginterf.c:287:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptr, *s, *text, tbuf[512];
data/kic-2.4a/src/ginterf/ginterf.c:531:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line,(int*)poly->xy,(twonvert-2)*2*sizeof(int));
data/kic-2.4a/src/ginterf/ginterf.c:560:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xllist,xilist,(int)((char *) xip - (char *) xilist));
data/kic-2.4a/src/ginterf/ginterf.c:829:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[128];
data/kic-2.4a/src/ginterf/ginterf.c:925:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cout[5];
data/kic-2.4a/src/ginterf/ginterf.c:926:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cin[4];
data/kic-2.4a/src/ginterf/ginterf.c:1017:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plotfile = fopen(name, "w");
data/kic-2.4a/src/ginterf/ginterf.c:1021:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plotfile = fopen(name, "w");
data/kic-2.4a/src/ginterf/ginterf.c:1027:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plotfile = fopen(name, "w");
data/kic-2.4a/src/ginterf/ginterf.c:1030:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plotfile = fopen(name, "wb");
data/kic-2.4a/src/ginterf/wfb.c:277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2];
data/kic-2.4a/src/ginterf/wfb.c:459:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char editBuf[128], *editC;
data/kic-2.4a/src/ginterf/wfb.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *in, buf[80];
data/kic-2.4a/src/ginterf/wfb.c:561:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Enter char size WxH (currently %dx%d)",
data/kic-2.4a/src/ginterf/wfb.c:571:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Parameters.kpFontName, "%dx%d",
data/kic-2.4a/src/ginterf/wfb.c:745:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logPalBuf[sizeof(LOGPALETTE) + CNUM*sizeof(PALETTEENTRY)];
data/kic-2.4a/src/ginterf/wfb.c:1340:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXCHARLINE+9]; /* add extra space for tab expansion */
data/kic-2.4a/src/ginterf/wfb.c:1464:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-DONE- (^U to scroll up, ? for help)");
data/kic-2.4a/src/ginterf/wfb.c:1466:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-MORE- (^U to scroll up, ^D to exit, ? for help)");
data/kic-2.4a/src/ginterf/wfb.c:1470:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "Page %d", ++pagecount);
data/kic-2.4a/src/ginterf/wfb.c:1596:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/kic-2.4a/src/ginterf/wfb.c:1835:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[128];
data/kic-2.4a/src/ginterf/wfb.c:1837:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *end, ctmp[2];
data/kic-2.4a/src/help/readhelp.c:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BSIZE], *s, *t;
data/kic-2.4a/src/help/readhelp.c:253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BSIZE];
data/kic-2.4a/src/help/readhelp.c:260:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf,"rb");
data/kic-2.4a/src/help/readhelp.c:289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BSIZE], *s, *t, *kw = NULL, *ti = NULL;
data/kic-2.4a/src/help/textdisp.c:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BSIZE], *s;
data/kic-2.4a/src/help/textdisp.c:176:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cp_out = fopen(ss,"a");
data/kic-2.4a/src/help/textdisp.c:179:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cp_out = fopen(ss,"w");
data/kic-2.4a/src/help/textdisp.c:208:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = atoi(s);
data/kic-2.4a/src/help/textdisp.c:252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BSIZE];
data/kic-2.4a/src/help/textdisp.c:325:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLEN];
data/kic-2.4a/src/help/textdisp.c:341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLEN];
data/kic-2.4a/src/help/textdisp.c:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLEN];
data/kic-2.4a/src/help/textdisp.c:377:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLEN];
data/kic-2.4a/src/help/textdisp.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLEN];
data/kic-2.4a/src/help/textdisp.c:421:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLEN];
data/kic-2.4a/src/help/textdisp.c:502:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128], *c, *getenv();
data/kic-2.4a/src/include/cd.h:311:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*dSymTabNames)[FILENAMESIZE];
data/kic-2.4a/src/include/cd.h:344:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dSymbolName[FILENAMESIZE];
data/kic-2.4a/src/include/cd.h:353:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lMask[3];
data/kic-2.4a/src/include/kic.h:75:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char klStyle[8]; /* bit array for fill pattern */
data/kic-2.4a/src/include/kic.h:76:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char klAltStyle[8]; /* array for alt fill pattern */
data/kic-2.4a/src/include/kic.h:92:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char klTechnology,klMask[5]; /* layer name */
data/kic-2.4a/src/include/kic.h:123:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char TypeOut[200];
data/kic-2.4a/src/include/kic.h:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kwName[8];
data/kic-2.4a/src/include/kic.h:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kpSelectTypes[8];
data/kic-2.4a/src/include/kic.h:350:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kpHardcopyFormat[2];
data/kic-2.4a/src/include/kic.h:384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kpFontName[81];
data/kic-2.4a/src/include/kic.h:435:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mPrefix[6];
data/kic-2.4a/src/include/kicext.h:238:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char TypeOut[200];
data/kic-2.4a/src/include/mfb.h:263:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontName[81]; /* X font name text string */
data/kic-2.4a/src/include/mfb.h:267:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lStyles[MAXLSTYLE][10]; /* All defined line styles */
data/kic-2.4a/src/include/parser.h:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char PStatus[80*3+1];
data/kic-2.4a/src/include/parser.h:48:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char PString[PSTRINGSIZE];
data/kic-2.4a/src/include/parser.h:89:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char PStatus[80*3+1];
data/kic-2.4a/src/include/parser.h:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char PString[PSTRINGSIZE];
data/kic-2.4a/src/include/stream.h:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *prp_propval[256]; /* pointers to the property strings */
data/kic-2.4a/src/include/stream.h:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_name[45]; /* pointer to library name */
data/kic-2.4a/src/include/stream.h:105:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_lib1[45]; /* pointers to reflib names */
data/kic-2.4a/src/include/stream.h:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_lib2[45];
data/kic-2.4a/src/include/stream.h:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_font0[45]; /* pointers to font names */
data/kic-2.4a/src/include/stream.h:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_font1[45];
data/kic-2.4a/src/include/stream.h:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_font2[45];
data/kic-2.4a/src/include/stream.h:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_font3[45];
data/kic-2.4a/src/include/stream.h:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_attr[45]; /* attribute filename */
data/kic-2.4a/src/include/stream.h:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_name[45];
data/kic-2.4a/src/include/stream.h:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt_text[45];
data/kic-2.4a/src/include/stream.h:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ar_name[45];
data/kic-2.4a/src/include/stream.h:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sr_name[45];
data/kic-2.4a/src/include/stream.h:237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strname[48];
data/kic-2.4a/src/include/stream.h:238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dosname[10];
data/kic-2.4a/src/kic/attri.c:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buf[80];
data/kic-2.4a/src/kic/attri.c:189:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buf,"Enter number of sides for a round flash (8 to 90, now %d).",
data/kic-2.4a/src/kic/attri.c:201:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buf,"Clip polygon vertices to grid points (%c)?",
data/kic-2.4a/src/kic/attri.c:223:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"<%d,%d,%d>",
data/kic-2.4a/src/kic/attri.c:363:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(TypeOut,"Point to color for ");
data/kic-2.4a/src/kic/attri.c:365:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(TypeOut,"Set RGB for ");
data/kic-2.4a/src/kic/attri.c:385:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"menu text.");
data/kic-2.4a/src/kic/attri.c:389:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"menu highlighting.");
data/kic-2.4a/src/kic/attri.c:393:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"selected menu text.");
data/kic-2.4a/src/kic/attri.c:397:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"\"more\" mode text.");
data/kic-2.4a/src/kic/attri.c:401:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"prompt message text.");
data/kic-2.4a/src/kic/attri.c:405:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"fine grid lines.");
data/kic-2.4a/src/kic/attri.c:409:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"coarse grid lines.");
data/kic-2.4a/src/kic/attri.c:413:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"unexpanded instance bounding boxes.");
data/kic-2.4a/src/kic/attri.c:417:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"unexpanded instance names.");
data/kic-2.4a/src/kic/attri.c:421:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut,"unexpanded instance sizes.");
data/kic-2.4a/src/kic/attri.c:485:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Show grid in hard copy? (%c) ",
data/kic-2.4a/src/kic/attri.c:501:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Hex code for grid line style, 0 for point grid (%x)?",
data/kic-2.4a/src/kic/attri.c:510:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Show grid above layout geometries (%c)?",
data/kic-2.4a/src/kic/attri.c:520:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Show grid in coarse viewport of a split screen (%c)?",
data/kic-2.4a/src/kic/attri.c:546:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Grid/Snap point spacing now %g/%g.",
data/kic-2.4a/src/kic/attri.c:688:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Minimum dimension? (currently %g): ",(double)
data/kic-2.4a/src/kic/attri.c:697:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,
data/kic-2.4a/src/kic/attri.c:758:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Enter new layer number (1 for bottom layer, %d for top).",
data/kic-2.4a/src/kic/attri.c:948:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"<%d,%d,%d>",ColorTable[Color].R,
data/kic-2.4a/src/kic/attri.c:957:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"<%d,%d,%d>",
data/kic-2.4a/src/kic/basic.c:156:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Snap point spacing set to %g",
data/kic-2.4a/src/kic/basic.c:299:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Title[80];
data/kic-2.4a/src/kic/basic.c:326:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *TypeIn,NewName[64];
data/kic-2.4a/src/kic/basic.c:487:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[81];
data/kic-2.4a/src/kic/break.c:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Types[4];
data/kic-2.4a/src/kic/contexts.c:400:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TTmp[8];
data/kic-2.4a/src/kic/debug.c:64:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%d symbols allocated so far by CD package.",
data/kic-2.4a/src/kic/dir.c:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[20];
data/kic-2.4a/src/kic/dir.c:114:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(TypeOut," :");
data/kic-2.4a/src/kic/dir.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/kic-2.4a/src/kic/dir.c:293:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf,"r");
data/kic-2.4a/src/kic/dir.c:330:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/kic/dir.c:334:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"*.*");
data/kic-2.4a/src/kic/dir.c:336:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"\\*.*");
data/kic-2.4a/src/kic/erase.c:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TTmp[8];
data/kic-2.4a/src/kic/erase.c:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Types[4];
data/kic-2.4a/src/kic/hcopy.c:56:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
struct { short attr; unsigned char pattrn[8];} Temp[CDNUMLAYERS+1];
data/kic-2.4a/src/kic/hcopy.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pname[256];
data/kic-2.4a/src/kic/hcopy.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf[32];
data/kic-2.4a/src/kic/hcopy.c:68:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Temp[Int1].pattrn,LayerTable[Int1].klStyle,8);
data/kic-2.4a/src/kic/hcopy.c:69:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(LayerTable[Int1].klStyle,LayerTable[Int1].klAltStyle,8);
data/kic-2.4a/src/kic/hcopy.c:127:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,
data/kic-2.4a/src/kic/hcopy.c:134:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Int1 = atoi(TypeIn);
data/kic-2.4a/src/kic/hcopy.c:204:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tf,"/tmp/hcXXXXXX");
data/kic-2.4a/src/kic/hcopy.c:222:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(LayerTable[Int1].klAltStyle,LayerTable[Int1].klStyle,8);
data/kic-2.4a/src/kic/hcopy.c:223:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(LayerTable[Int1].klStyle,Temp[Int1].pattrn,8);
data/kic-2.4a/src/kic/hcopy.c:369:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[120], buf1[80], *s, *strrchr();
data/kic-2.4a/src/kic/hcopy.c:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LayerName[8];
data/kic-2.4a/src/kic/hcopy.c:396:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1,"%02d-%02d-%02d %02d:%02d",t->tm_mon+1,t->tm_mday,
data/kic-2.4a/src/kic/hcopy.c:493:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Frame entered: %d,%d %d,%d",
data/kic-2.4a/src/kic/init.c:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TypeOut[200];
data/kic-2.4a/src/kic/instance.c:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[82];
data/kic-2.4a/src/kic/instance.c:237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[82];
data/kic-2.4a/src/kic/instance.c:332:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Number X? (currently %d): ",Parameters.kpNumX);
data/kic-2.4a/src/kic/instance.c:341:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Number Y? (currently %d): ",Parameters.kpNumY);
data/kic-2.4a/src/kic/instance.c:351:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"X Spacing? (currently %g): ",Parameters.kpDX);
data/kic-2.4a/src/kic/instance.c:356:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Y Spacing? (currently %g): ",Parameters.kpDY);
data/kic-2.4a/src/kic/logo.c:64:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen my_fopen
data/kic-2.4a/src/kic/logo.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, buf[80];
data/kic-2.4a/src/kic/logo.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12];
data/kic-2.4a/src/kic/logo.c:81:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(FONT_FILE,"rb");
data/kic-2.4a/src/kic/logo.c:84:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(TypeOut,"rb");
data/kic-2.4a/src/kic/logo.c:107:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,".%d",i);
data/kic-2.4a/src/kic/logo.c:121:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
kf = fopen(name,"w");
data/kic-2.4a/src/kic/logo.c:308:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64],*s;
data/kic-2.4a/src/kic/logo.c:328:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (char_id != atoi((char*)buf)) continue;
data/kic-2.4a/src/kic/logo.c:346:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size = atoi((char*)buf);
data/kic-2.4a/src/kic/logo.c:365:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union {unsigned short i; unsigned char c[2];} u;
data/kic-2.4a/src/kic/logo.c:391:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef fopen
data/kic-2.4a/src/kic/logo.c:401:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *c, buf[8];
data/kic-2.4a/src/kic/logo.c:410:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(what,buf);
data/kic-2.4a/src/kic/modify.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Types[4];
data/kic-2.4a/src/kic/point.c:458:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%d",cnt);
data/kic-2.4a/src/kic/prpty.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char String[256];
data/kic-2.4a/src/kic/prpty.c:168:11: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *tmpfile;
data/kic-2.4a/src/kic/prpty.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[120];
data/kic-2.4a/src/kic/prpty.c:170:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbf[128];
data/kic-2.4a/src/kic/prpty.c:194:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpfile = fopen(buf1,"w")) == NULL) {
data/kic-2.4a/src/kic/prpty.c:200:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpfile = fopen(buf1, "w");
data/kic-2.4a/src/kic/prpty.c:202:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!tmpfile) {
data/kic-2.4a/src/kic/prpty.c:210:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fprintf(tmpfile,"Object has no properties.\n");
data/kic-2.4a/src/kic/prpty.c:213:25: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fprintf(tmpfile,"%6d %s\n",PrptyDesc->prpty_Value,
data/kic-2.4a/src/kic/prpty.c:218:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fclose(tmpfile);
data/kic-2.4a/src/kic/prpty.c:219:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpfile = fopen(buf1,"r")) == NULL) {
data/kic-2.4a/src/kic/prpty.c:227:41: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
View->kvFineViewport->kaTop,tmpfile);
data/kic-2.4a/src/kic/prpty.c:228:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fclose(tmpfile);
data/kic-2.4a/src/kic/redispla.c:376:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g/%g",(double)(BB.kaRight-BB.kaLeft)/RESOLUTION,
data/kic-2.4a/src/kic/select.c:727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TTmp[8];
data/kic-2.4a/src/kic/techfile.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[512];
data/kic-2.4a/src/kic/techfile.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[512]; /* 512 character input buffer */
data/kic-2.4a/src/kic/techfile.c:489:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char keyword[40];
data/kic-2.4a/src/kic/viewport.c:164:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)KicCursor.kcX/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:169:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)KicCursor.kcY/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:174:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)KicCursor.kcDX/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:179:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)KicCursor.kcDY/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:185:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)KicCursor.kcX/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:190:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)KicCursor.kcY/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:195:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)(KicCursor.kcX-RelX)/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:200:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",(double)(KicCursor.kcY-RelY)/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:207:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"%g",View->kvCoarseWindow->kaWidth/RESOLUTION);
data/kic-2.4a/src/kic/viewport.c:255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/kic-2.4a/src/kic/viewport.c:271:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf," Resistance: %g (L to R), %g (B to T)",
data/kic-2.4a/src/kic/viewport.c:276:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf," Capacitance: %g",*ee->e_parms*Wid*Hei);
data/kic-2.4a/src/kic/viewport.c:295:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf," Along %c: L=%g C=%g Z=%g T=%g",
data/kic-2.4a/src/kic/viewport.c:316:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LayerName[5];
data/kic-2.4a/src/kic/viewport.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LayerName[5];
data/kic-2.4a/src/kic/viewport.c:722:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m1[32], m2[32];
data/kic-2.4a/src/kic/viewport.c:756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MenuSelection[8],*prefix;
data/kic-2.4a/src/kic/viewport.c:794:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MenuSelection[8], *prefix, Fill;
data/kic-2.4a/src/kic/viewport.c:844:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char BackPrompt[200];
data/kic-2.4a/src/kic/viewport.c:885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/kic-2.4a/src/kic/viewport.c:905:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buffer[Int1]," MORE");
data/kic-2.4a/src/kic/viewport.c:935:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4];
data/kic-2.4a/src/kic/viewport.c:1255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/kic-2.4a/src/kic/viewport.c:1256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[80];
data/kic-2.4a/src/kic/viewport.c:1257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf[32];
data/kic-2.4a/src/kic/viewport.c:1272:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tf,"SYSXXXXXX");
data/kic-2.4a/src/kic/viewport.c:1295:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((list = fopen(tmp,"r")) != NULL){
data/kic-2.4a/src/kic/viewport.c:1307:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/kic-2.4a/src/kic/viewport.c:1322:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
list = fopen("tmp__kic.__t","r");
data/kic-2.4a/src/kic/viewport.c:1389:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/kic-2.4a/src/kic/viewport.c:1393:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
list = fopen("tmp__kic.__t","r");
data/kic-2.4a/src/kic/wires.c:65:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Point to the reference points (current width %g).",
data/kic-2.4a/src/kic/wires.c:367:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,
data/kic-2.4a/src/kic/wires.c:442:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,"Wire width for current layer is %g, enter new width: ",
data/kic-2.4a/src/kic/wires.c:450:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut,
data/kic-2.4a/src/kic/zoom.c:375:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Parameters.kpWindowStack->kwName,"prev");
data/kic-2.4a/src/kic/zoom.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/kic-2.4a/src/kic/zoom.c:425:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Current view assigned to: %c",'A'+i);
data/kic-2.4a/src/xmfb/mfb.c:169:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mfbInitMessage[81] =
data/kic-2.4a/src/xmfb/mfb.c:793:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[20];
data/kic-2.4a/src/xmfb/mfb.c:1134:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char InputBuffer[200];
data/kic-2.4a/src/xmfb/mfb.c:1306:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[8];
data/kic-2.4a/src/xmfb/mfb.c:2168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[80];
data/kic-2.4a/src/xmfb/mfbtext.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXCHARLINE+9]; /* add extra space for tab expansion */
data/kic-2.4a/src/xmfb/mfbtext.c:177:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-DONE- (^U to scroll up, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:179:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-MORE- (^U to scroll up, ^D to exit, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:182:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "Page %d", ++pagecount);
data/kic-2.4a/src/xmfb/mfbtext.c:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXCHARLINE+9]; /* add extra space for tab expansion */
data/kic-2.4a/src/xmfb/mfbtext.c:376:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-DONE- (^U to scroll up, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:379:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-MORE- (^U to scroll up, ^D to exit, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:383:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "Page %d of %d", pagecount, lastpage);
data/kic-2.4a/src/xmfb/mfbtext.c:385:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "Page %d", pagecount);
data/kic-2.4a/src/xmfb/mfbtext.c:519:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MAXCHARLINE+9]; /* add extra space for tab expansion */
data/kic-2.4a/src/xmfb/mfbtext.c:546:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char myfontname[129] = "";
data/kic-2.4a/src/xmfb/mfbtext.c:604:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "%d. ", curline + 1);
data/kic-2.4a/src/xmfb/mfbtext.c:707:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-DONE- (^U to scroll up, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:710:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-MORE- (^U to scroll up, ^D to exit, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:714:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "Page %d of %d", pagecount, lastpage);
data/kic-2.4a/src/xmfb/mfbtext.c:716:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf, "Page %d", pagecount);
data/kic-2.4a/src/xmfb/mfbtext.c:884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[81];
data/kic-2.4a/src/xmfb/mfbtext.c:902:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctext[9];
data/kic-2.4a/src/xmfb/mfbtext.c:1042:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ctext, "%02X", cleft);
data/kic-2.4a/src/xmfb/mfbtext.c:1054:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ctext, "%02X", i);
data/kic-2.4a/src/xmfb/mfbtext.c:1063:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-DONE- (^U to scroll up, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:1065:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cbuf, "-MORE- (^U to scroll up, ^D to exit, ? for help)");
data/kic-2.4a/src/xmfb/mfbtext.c:1068:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf,
data/kic-2.4a/src/xmfb/xfb.c:166:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(TypeOut, "New beep volume [%d]?", Parameters.kpPointBeepVolume);
data/kic-2.4a/src/bin/ciftokic.c:209:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/bin/ciftokic.c:212:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(cfile)) != EOF) && (c != ';')) ;
data/kic-2.4a/src/bin/ciftokic.c:215:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getc(cfile)) == EOF)
data/kic-2.4a/src/bin/ciftokic.c:218:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(cfile)) != EOF) && (c != ';')) ;
data/kic-2.4a/src/bin/ciftokic.c:223:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(cfile)) != EOF) && (c != ';')) ;
data/kic-2.4a/src/bin/ciftokic.c:228:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/bin/ciftokic.c:233:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF)
data/kic-2.4a/src/bin/ciftokic.c:240:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/bin/ciftokic.c:253:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/bin/global.c:211:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = string + strlen(string) - 1; s >= string; s--) {
data/kic-2.4a/src/bin/global.c:258:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s) - 1;
data/kic-2.4a/src/bin/global.c:327:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = malloc(strlen(startupdir) + 1);
data/kic-2.4a/src/bin/global.c:356:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *dst = (char*)malloc(strlen(src)+1);
data/kic-2.4a/src/bin/helpmain.c:231:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
key = getc(cp_in);
data/kic-2.4a/src/bin/kicmain.c:492:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Tech) > 3)
data/kic-2.4a/src/bin/kicmain.c:495:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TECH_EXT = malloc(strlen(Tech) + 1);
data/kic-2.4a/src/bin/kicmain.c:1109:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = tmalloc(strlen(s)+1);
data/kic-2.4a/src/bin/kicmain.c:1151:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,".");
data/kic-2.4a/src/bin/kicmain.c:1290:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(TypeOut) + strlen(string) < 200)
data/kic-2.4a/src/bin/kicmain.c:1290:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(TypeOut) + strlen(string) < 200)
data/kic-2.4a/src/bin/kicmain.c:1293:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(TypeOut,"\n");
data/kic-2.4a/src/bin/kictocif.c:104:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Tech) > 3)
data/kic-2.4a/src/bin/kictocif.c:107:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TECH_EXT = malloc(strlen(Tech) + 1);
data/kic-2.4a/src/bin/kictostr.c:249:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Tech) > 3)
data/kic-2.4a/src/bin/kictostr.c:252:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TECH_EXT = tmalloc(strlen(Tech) + 1);
data/kic-2.4a/src/bin/kictostr.c:675:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(PrptyDesc->prpty_String) + 2;
data/kic-2.4a/src/bin/kictostr.c:755:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(PrptyDesc->prpty_String) + 2;
data/kic-2.4a/src/bin/kictostr.c:821:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(PrptyDesc->prpty_String) + 2;
data/kic-2.4a/src/bin/kictostr.c:1235:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(cp);
data/kic-2.4a/src/bin/kictostr.c:1269:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(cp);
data/kic-2.4a/src/bin/scale.c:103:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Tech) > 3)
data/kic-2.4a/src/bin/scale.c:106:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TECH_EXT = malloc(strlen(Tech) + 1);
data/kic-2.4a/src/bin/scale.c:124:9: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getchar() != 'y')
data/kic-2.4a/src/bin/strmtext.c:254:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
numb = (unsigned char)getc(workfile);
data/kic-2.4a/src/bin/strmtext.c:255:44: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
numb = numb * 256 + (unsigned char)getc(workfile) - 4;
data/kic-2.4a/src/bin/strmtext.c:256:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
type = (unsigned char)getc(workfile);
data/kic-2.4a/src/bin/strmtext.c:257:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
datatype = getc(workfile);
data/kic-2.4a/src/bin/strmtext.c:259:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbuf[i] = (unsigned char)getc(workfile);
data/kic-2.4a/src/bin/strtokic.c:312:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Tech) > 3)
data/kic-2.4a/src/bin/strtokic.c:315:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TECH_EXT = malloc(strlen(Tech) + 1);
data/kic-2.4a/src/bin/strtokic.c:410:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((i = getc(STREAMFILE)) != 0) {
data/kic-2.4a/src/bin/strtokic.c:1211:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte0 = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1212:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte1 = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1213:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rtype = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1214:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dtype = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1217:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte1 = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1218:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte0 = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1219:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dtype = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1220:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rtype = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1235:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbuf[size] = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1236:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbuf[size+1] = getc(STREAMFILE);
data/kic-2.4a/src/bin/strtokic.c:1347:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SymbolNames[NumSymbols] = tmalloc(strlen(name)+1);
data/kic-2.4a/src/bin/strtokic.c:1425:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cbuf);
data/kic-2.4a/src/bin/strtokic.c:1428:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(buf1);
data/kic-2.4a/src/bin/strtokic.c:1840:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(strname) <= 8)
data/kic-2.4a/src/bin/strtokic.c:1843:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ext && ((int)(ext - strname) <= 8) && strlen(ext) <= 3)
data/kic-2.4a/src/bin/strtokic.c:1846:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dosname,strname,6);
data/kic-2.4a/src/bin/strtokic.c:1849:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dosname,strname,6);
data/kic-2.4a/src/bin/strtokic.c:1866:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wl->dosname,dosname,7);
data/kic-2.4a/src/bin/strtokic.c:1877:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wl->dosname,dosname,7);
data/kic-2.4a/src/bin/strtokic.c:2330:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (c = getc(file)) < '0' ||
data/kic-2.4a/src/bin/strtokic.c:2343:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/kic-2.4a/src/bin/strtokic.c:2348:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/kic-2.4a/src/cd/actions.c:1114:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(&(Text[i])) + 2;
data/kic-2.4a/src/cd/cd.c:323:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Int2 = strlen(SymbolName);
data/kic-2.4a/src/cd/cd.c:538:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Int2 = strlen(SymbolName);
data/kic-2.4a/src/cd/cd.c:573:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Int2 = strlen(SymbolDesc->sName);
data/kic-2.4a/src/cd/cd.c:981:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(Label) + 2;
data/kic-2.4a/src/cd/cd.c:1201:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(SymbolName) + 2;
data/kic-2.4a/src/cd/cd.c:1225:21: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(MasterListDesc->mName,"");
data/kic-2.4a/src/cd/cd.c:1985:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(String) + 2;
data/kic-2.4a/src/cd/gencif.c:211:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/kic-2.4a/src/cd/gencif.c:215:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(buf1);
data/kic-2.4a/src/cd/parser.c:521:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((PChar = getc(PCIFFileDesc)) == EOF) {
data/kic-2.4a/src/cd/parser.c:703:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PChar = getc(PCIFFileDesc);
data/kic-2.4a/src/cd/parser.c:723:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) == ' ' Or PChar == '\t' Or
data/kic-2.4a/src/cd/parser.c:736:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '('
data/kic-2.4a/src/cd/parser.c:750:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '('
data/kic-2.4a/src/cd/parser.c:774:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) == ' ' Or PChar == '\t' Or
data/kic-2.4a/src/cd/parser.c:795:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '('
data/kic-2.4a/src/cd/parser.c:818:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '('
data/kic-2.4a/src/cd/parser.c:856:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PChar = getc(PCIFFileDesc);
data/kic-2.4a/src/cd/paths.c:156:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(getenv("HOME"));
data/kic-2.4a/src/cd/paths.c:160:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*pdest, getenv("HOME"), length);
data/kic-2.4a/src/cd/paths.c:164:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(passwd->pw_dir);
data/kic-2.4a/src/cd/paths.c:166:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*pdest, passwd->pw_dir, length);
data/kic-2.4a/src/cd/paths.c:348:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(file);
data/kic-2.4a/src/cd/paths.c:350:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(extendedname, file, length);
data/kic-2.4a/src/cd/paths.c:353:29: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (length > 0) strncpy(p, ext, length);
data/kic-2.4a/src/cd/paths.c:395:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(realname, file, NAMESIZE-1);
data/kic-2.4a/src/cd/paths.c:436:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (spaceleft > 0) strncpy(p2, file, spaceleft);
data/kic-2.4a/src/cd/paths.c:460:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,how,8);
data/kic-2.4a/src/convert/convert.c:180:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > FB.fNumColumns - 8) {
data/kic-2.4a/src/convert/convert.c:1097:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(cp);
data/kic-2.4a/src/convert/convert.c:1131:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(cp);
data/kic-2.4a/src/convert/convert.c:1723:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/convert/convert.c:1726:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(cfile)) != EOF) && (c != ';')) ;
data/kic-2.4a/src/convert/convert.c:1729:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getc(cfile)) == EOF)
data/kic-2.4a/src/convert/convert.c:1732:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(cfile)) != EOF) && (c != ';')) ;
data/kic-2.4a/src/convert/convert.c:1737:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(cfile)) != EOF) && (c != ';')) ;
data/kic-2.4a/src/convert/convert.c:1742:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/convert/convert.c:1747:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF)
data/kic-2.4a/src/convert/convert.c:1754:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/convert/convert.c:1767:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(cfile)) != EOF) {
data/kic-2.4a/src/convert/convert1.c:164:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((i = getc(StreamFile)) != 0)
data/kic-2.4a/src/convert/convert1.c:817:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte0 = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:818:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte1 = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:819:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rtype = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:820:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:823:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte1 = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:824:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte0 = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:825:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:826:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rtype = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:841:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbuf[size] = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:842:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbuf[size+1] = getc(StreamFile);
data/kic-2.4a/src/convert/convert1.c:1018:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cbuf);
data/kic-2.4a/src/convert/convert1.c:1021:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(buf1);
data/kic-2.4a/src/convert/convert1.c:1332:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(strname) <= 8)
data/kic-2.4a/src/convert/convert1.c:1335:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ext && ((int)(ext - strname) <= 8) && strlen(ext) <= 3)
data/kic-2.4a/src/convert/convert1.c:1338:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dosname,strname,6);
data/kic-2.4a/src/convert/convert1.c:1341:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dosname,strname,6);
data/kic-2.4a/src/convert/convert1.c:1358:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wl->dosname,dosname,7);
data/kic-2.4a/src/convert/convert1.c:1369:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wl->dosname,dosname,7);
data/kic-2.4a/src/ginterf/ginterf.c:241:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/kic-2.4a/src/ginterf/wfb.c:1163:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TextOut(w_dc, x, INV(y), text, strlen(text));
data/kic-2.4a/src/ginterf/wfb.c:1172:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TextOut(w_dc, x, INV(y), text, strlen(text));
data/kic-2.4a/src/ginterf/wfb.c:1403:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(Textfile)) != '\n' && c != EOF) {
data/kic-2.4a/src/ginterf/wfb.c:1469:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = Left + textwidth(cbuf, strlen(cbuf));
data/kic-2.4a/src/ginterf/wfb.c:1471:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = Right - textwidth(cbuf, strlen(cbuf)) - 3;
data/kic-2.4a/src/ginterf/wfb.c:1998:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t);
data/kic-2.4a/src/help/readhelp.c:112:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s)-1;
data/kic-2.4a/src/help/readhelp.c:154:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = strlen(buf)) > top->maxcols)
data/kic-2.4a/src/help/readhelp.c:337:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s)-1;
data/kic-2.4a/src/help/readhelp.c:381:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/help/readhelp.c:383:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/help/textdisp.c:282:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tt->description) + 5 > maxwidth)
data/kic-2.4a/src/help/textdisp.c:283:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxwidth = strlen(tt->description) + 5;
data/kic-2.4a/src/help/textdisp.c:449:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = TMALLOC(strlen(str) + 1);
data/kic-2.4a/src/help/textdisp.c:508:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"\\");
data/kic-2.4a/src/include/parser.h:162:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PChar = getc(PCIFFileDesc); \
data/kic-2.4a/src/include/parser.h:175:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) == ' ' Or PChar == '\t' Or \
data/kic-2.4a/src/include/parser.h:188:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '(' \
data/kic-2.4a/src/include/parser.h:202:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '(' \
data/kic-2.4a/src/include/parser.h:219:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) == ' ' Or PChar == '\t' Or \
data/kic-2.4a/src/include/parser.h:234:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '(' \
data/kic-2.4a/src/include/parser.h:250:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((PChar = getc(PCIFFileDesc)) != '-' And PChar != '(' \
data/kic-2.4a/src/include/parser.h:276:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PChar = getc(PCIFFileDesc); \
data/kic-2.4a/src/kic/attri.c:194:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(TypeIn)) break;
data/kic-2.4a/src/kic/attri.c:538:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(TypeIn)) {
data/kic-2.4a/src/kic/basic.c:496:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p);
data/kic-2.4a/src/kic/basic.c:507:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len + strlen(cname) + 1 < 512)
data/kic-2.4a/src/kic/contexts.c:102:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
New->ccMaster = malloc(strlen(Parameters.kpCellName)+1);
data/kic-2.4a/src/kic/dir.c:143:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(wl->l_word);
data/kic-2.4a/src/kic/dir.c:153:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = buf + strlen(buf);
data/kic-2.4a/src/kic/dir.c:300:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf[i] = getc(fp);
data/kic-2.4a/src/kic/hcopy.c:152:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmalloc(strlen(outname)+1);
data/kic-2.4a/src/kic/hcopy.c:405:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBScaledText(buf1,FB.fMaxX - Margin - strlen(buf1)*cwidth,ypos,0,
data/kic-2.4a/src/kic/logo.c:99:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,s,80);
data/kic-2.4a/src/kic/logo.c:101:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name,s,8);
data/kic-2.4a/src/kic/logo.c:315:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:317:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:319:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:321:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:325:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:330:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:332:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:334:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:337:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:341:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/kic-2.4a/src/kic/logo.c:404:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,how,8);
data/kic-2.4a/src/kic/more.c:56:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(s) > MoreCols) {
data/kic-2.4a/src/kic/select.c:736:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Parameters.kpSelectTypes,Types,8);
data/kic-2.4a/src/kic/techfile.c:344:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Parameters.kpHardcopyDevice = malloc(strlen(inbuf) + 1);
data/kic-2.4a/src/kic/techfile.c:453:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Parameters.kpFontName, ip, 80);
data/kic-2.4a/src/kic/techfile.c:492:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((c = getc(file)) < 0101 || c > 0132) && (c < 0141 || c > 0172))
data/kic-2.4a/src/kic/techfile.c:500:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/kic-2.4a/src/kic/techfile.c:507:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/kic-2.4a/src/kic/viewport.c:168:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"y=");
data/kic-2.4a/src/kic/viewport.c:173:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"dx=");
data/kic-2.4a/src/kic/viewport.c:178:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"dy=");
data/kic-2.4a/src/kic/viewport.c:189:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"y=");
data/kic-2.4a/src/kic/viewport.c:194:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"DX=");
data/kic-2.4a/src/kic/viewport.c:199:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"DY=");
data/kic-2.4a/src/kic/viewport.c:206:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"width=");
data/kic-2.4a/src/kic/viewport.c:211:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBText(ROW_COLUMN,Row,Col += strlen(TypeOut) + 1,"cell:");
data/kic-2.4a/src/kic/viewport.c:213:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(TypeOut,Parameters.kpCellName,FB.fNumColumns-52);
data/kic-2.4a/src/kic/viewport.c:760:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(MenuSelection,Menu[Index].mEntry,MenuViewport.kaX);
data/kic-2.4a/src/kic/viewport.c:778:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(prefix);
data/kic-2.4a/src/kic/viewport.c:798:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(MenuSelection,Menu[Index].mEntry,MenuViewport.kaX);
data/kic-2.4a/src/kic/viewport.c:827:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(prefix);
data/kic-2.4a/src/kic/viewport.c:902:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FB.fLastCursorColumn = strlen(buffer) + 1;
data/kic-2.4a/src/kic/viewport.c:909:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FB.fLastCursorColumn = strlen(buffer);
data/kic-2.4a/src/kic/viewport.c:926:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FB.fLastCursorColumn = strlen(BackPrompt);
data/kic-2.4a/src/kic/viewport.c:1310:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cp || !strlen(cp)) {
data/kic-2.4a/src/kic/viewport.c:1344:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cp || !strlen(cp)) {
data/kic-2.4a/src/kic/viewport.c:1422:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(TypeOut,"\n");
data/kic-2.4a/src/xmfb/mfb.c:240:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(mfbInitMessage, "\"");
data/kic-2.4a/src/xmfb/mfb.c:246:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(mfbInitMessage, "\"");
data/kic-2.4a/src/xmfb/mfb.c:1798:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (text == NULL || strlen(text) == 0)
data/kic-2.4a/src/xmfb/mfb.c:1808:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(text)+1);
data/kic-2.4a/src/xmfb/mfb.c:1824:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text, strlen(text));
data/kic-2.4a/src/xmfb/mfb.c:1830:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text, strlen(text));
data/kic-2.4a/src/xmfb/mfbcsdl.c:126:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mfb_fontName, fontname, 80);
data/kic-2.4a/src/xmfb/mfbtext.c:116:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(Textfile)) != '\n' && c != EOF) {
data/kic-2.4a/src/xmfb/mfbtext.c:181:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = Left + XTextWidth(mfb_font, cbuf, strlen(cbuf));
data/kic-2.4a/src/xmfb/mfbtext.c:183:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = Right - XTextWidth(mfb_font, cbuf, strlen(cbuf)) - 3;
data/kic-2.4a/src/xmfb/mfbtext.c:296:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(Textfile)) != '\n' && c != EOF) {
data/kic-2.4a/src/xmfb/mfbtext.c:381:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = Left + XTextWidth(mfb_font, cbuf, strlen(cbuf));
data/kic-2.4a/src/xmfb/mfbtext.c:386:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = Right - XTextWidth(mfb_font, cbuf, strlen(cbuf)) - 3;
data/kic-2.4a/src/xmfb/mfbtext.c:605:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(cbuf);
data/kic-2.4a/src/xmfb/mfbtext.c:712:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = Left + XTextWidth(mfb_font, cbuf, strlen(cbuf));
data/kic-2.4a/src/xmfb/mfbtext.c:717:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = Right - XTextWidth(mfb_font, cbuf, strlen(cbuf)) - 3;
data/kic-2.4a/src/xmfb/mfbtext.c:1055:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents(mfb_font, ctext, strlen(ctext),
data/kic-2.4a/src/xmfb/mfbtext.c:1067:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = Left + XTextWidth(mfb_font, cbuf, strlen(cbuf));
data/kic-2.4a/src/xmfb/mfbtext.c:1070:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = Right - XTextWidth(mfb_font, cbuf, strlen(cbuf)) - 3;
data/kic-2.4a/src/xmfb/text1.c:63:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
y -= strlen(text)*fheight*scale;
data/kic-2.4a/src/xmfb/text1.c:71:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
y -= strlen(text)*fheight*scale;
data/kic-2.4a/src/xmfb/text1.c:79:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x -= strlen(text)*fwidth*scale;
data/kic-2.4a/src/xmfb/text1.c:85:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x -= strlen(text)*fwidth*scale;
data/kic-2.4a/src/xmfb/text1.c:93:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str1 = text + strlen(text);
data/kic-2.4a/src/xmfb/text1.c:213:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*x = strlen(string) * mfb_charwidth;
data/kic-2.4a/src/xmfb/xfb.c:127:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Parameters.kpFontName, (char *)MFBInfo(FONTNAME), 80);
ANALYSIS SUMMARY:
Hits = 994
Lines analyzed = 49541 in approximately 1.24 seconds (40002 lines/second)
Physical Source Lines of Code (SLOC) = 37416
Hits@level = [0] 695 [1] 222 [2] 438 [3] 13 [4] 319 [5] 2
Hits@level+ = [0+] 1689 [1+] 994 [2+] 772 [3+] 334 [4+] 321 [5+] 2
Hits/KSLOC@level+ = [0+] 45.1411 [1+] 26.5662 [2+] 20.6329 [3+] 8.92666 [4+] 8.57922 [5+] 0.0534531
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.