Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kopanocore-8.7.0/ECtools/mapitime.cpp
Examining data/kopanocore-8.7.0/ECtools/passwd/passwd.cpp
Examining data/kopanocore-8.7.0/ECtools/stats/stats.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/include/kopano/archiver-common.h
Examining data/kopanocore-8.7.0/ECtools/archiver/include/kopano/ArchiveControl.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiverImpl.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveManageImpl.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiverSessionPtr.h
Examining data/kopanocore-8.7.0/ECtools/archiver/archivestateupdater_fwd.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveStateUpdater.h
Examining data/kopanocore-8.7.0/ECtools/archiver/arc_mysql.hpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/instanceidmapper.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/operations_fwd.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/postsaveiidupdater.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/postsaveiidupdater.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/transaction.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/transaction_fwd.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/operations.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/deleter.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/deleter.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/copier.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/instanceidmapper.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/stubber.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/postsaveaction.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/operations.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/instanceidmapper_fwd.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/copier.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/stubber.h
Examining data/kopanocore-8.7.0/ECtools/archiver/operations/transaction.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveManageImpl.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiverImpl.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ECArchiverLogger.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveStateUpdater.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ECArchiverLogger.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveManage.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.h
Examining data/kopanocore-8.7.0/ECtools/archiver/Archiver.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ECIterators.h
Examining data/kopanocore-8.7.0/ECtools/archiver/helpers/ArchiveHelper.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/helpers/MAPIPropHelper.h
Examining data/kopanocore-8.7.0/ECtools/archiver/helpers/ArchiveHelper.h
Examining data/kopanocore-8.7.0/ECtools/archiver/helpers/StoreHelper.h
Examining data/kopanocore-8.7.0/ECtools/archiver/helpers/StoreHelper.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/helpers/MAPIPropHelper.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveStateCollector.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ECIterators.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiverSession.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/main.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/arc_mysql.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiveStateCollector.h
Examining data/kopanocore-8.7.0/ECtools/archiver/ArchiverSession.h
Examining data/kopanocore-8.7.0/ECtools/archiver/Archiver.cpp
Examining data/kopanocore-8.7.0/ECtools/archiver/archiver-common.cpp
Examining data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.cpp
Examining data/kopanocore-8.7.0/ECtools/cfgchecker/cfg.cpp
Examining data/kopanocore-8.7.0/ECtools/cfgchecker/ServerConfigCheck.cpp
Examining data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.h
Examining data/kopanocore-8.7.0/ECtools/cfgchecker/LDAPConfigCheck.cpp
Examining data/kopanocore-8.7.0/ECtools/admin/admin.cpp
Examining data/kopanocore-8.7.0/ECtools/scriptrun.cpp
Examining data/kopanocore-8.7.0/ECtools/monitor/ECQuotaMonitor.h
Examining data/kopanocore-8.7.0/ECtools/monitor/ECQuotaMonitor.cpp
Examining data/kopanocore-8.7.0/ECtools/monitor/ECMonitorDefs.h
Examining data/kopanocore-8.7.0/ECtools/monitor/monitor.cpp
Examining data/kopanocore-8.7.0/ECtools/storeadm.cpp
Examining data/kopanocore-8.7.0/ECtools/ibrule.cpp
Examining data/kopanocore-8.7.0/ECtools/oof.cpp
Examining data/kopanocore-8.7.0/ECtools/srvadm.cpp
Examining data/kopanocore-8.7.0/ECtools/statsd.cpp
Examining data/kopanocore-8.7.0/ECtools/fsck/fsck-task.cpp
Examining data/kopanocore-8.7.0/ECtools/fsck/fsck-calendar.cpp
Examining data/kopanocore-8.7.0/ECtools/fsck/fsck.h
Examining data/kopanocore-8.7.0/ECtools/fsck/fsck-contact.cpp
Examining data/kopanocore-8.7.0/ECtools/fsck/fsck.cpp
Examining data/kopanocore-8.7.0/ECtools/fsck/fsck-main.cpp
Examining data/kopanocore-8.7.0/ECtools/dbadm.cpp
Examining data/kopanocore-8.7.0/provider/include/kcore.hpp
Examining data/kopanocore-8.7.0/provider/include/ics.h
Examining data/kopanocore-8.7.0/provider/include/proto.h
Examining data/kopanocore-8.7.0/provider/server/ECThreadManager.h
Examining data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.h
Examining data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp
Examining data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.cpp
Examining data/kopanocore-8.7.0/provider/server/ECServer.cpp
Examining data/kopanocore-8.7.0/provider/contacts/epcontact.cpp
Examining data/kopanocore-8.7.0/provider/contacts/ZCMAPIProp.h
Examining data/kopanocore-8.7.0/provider/contacts/ZCABLogon.h
Examining data/kopanocore-8.7.0/provider/contacts/ZCABProvider.h
Examining data/kopanocore-8.7.0/provider/contacts/ZCABContainer.h
Examining data/kopanocore-8.7.0/provider/contacts/ZCABData.h
Examining data/kopanocore-8.7.0/provider/contacts/ZCABLogon.cpp
Examining data/kopanocore-8.7.0/provider/contacts/ZCMAPIProp.cpp
Examining data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp
Examining data/kopanocore-8.7.0/provider/contacts/ZCABProvider.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECPluginFactory.h
Examining data/kopanocore-8.7.0/provider/libserver/ECMAPI.h
Examining data/kopanocore-8.7.0/provider/libserver/ECSessionManager.h
Examining data/kopanocore-8.7.0/provider/libserver/include/kopano/ECPluginSharedData.h
Examining data/kopanocore-8.7.0/provider/libserver/ECNotificationManager.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.h
Examining data/kopanocore-8.7.0/provider/libserver/ECPluginSharedData.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECDatabaseMySQL.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.h
Examining data/kopanocore-8.7.0/provider/libserver/ECNotification.h
Examining data/kopanocore-8.7.0/provider/libserver/ECTestProtocol.h
Examining data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECLockManager.h
Examining data/kopanocore-8.7.0/provider/libserver/ECTPropsPurge.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECUserManagement.h
Examining data/kopanocore-8.7.0/provider/libserver/ECNotificationManager.h
Examining data/kopanocore-8.7.0/provider/libserver/ECABObjectTable.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECSession.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECPluginFactory.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECStringCompat.h
Examining data/kopanocore-8.7.0/provider/libserver/ECTableManager.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECGenProps.h
Examining data/kopanocore-8.7.0/provider/libserver/ECConvenientDepthObjectTable.cpp
Examining data/kopanocore-8.7.0/provider/libserver/StreamUtil.h
Examining data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECKrbAuth.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECSearchFolders.h
Examining data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp
Examining data/kopanocore-8.7.0/provider/libserver/StorageUtil.h
Examining data/kopanocore-8.7.0/provider/libserver/ECDatabase.h
Examining data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECSessionGroup.h
Examining data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.h
Examining data/kopanocore-8.7.0/provider/libserver/ECS3Attachment.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.h
Examining data/kopanocore-8.7.0/provider/libserver/ECSecurity.h
Examining data/kopanocore-8.7.0/provider/libserver/ECSearchFolders.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECICS.h
Examining data/kopanocore-8.7.0/provider/libserver/ECS3Attachment.h
Examining data/kopanocore-8.7.0/provider/libserver/ECIndexer.h
Examining data/kopanocore-8.7.0/provider/libserver/ECSubRestriction.h
Examining data/kopanocore-8.7.0/provider/libserver/ECDBDef.h
Examining data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECSubRestriction.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECSecurity.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECConvenientDepthObjectTable.h
Examining data/kopanocore-8.7.0/provider/libserver/ECABObjectTable.h
Examining data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECTestProtocol.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECKrbAuth.h
Examining data/kopanocore-8.7.0/provider/libserver/cmdutil.hpp
Examining data/kopanocore-8.7.0/provider/libserver/ECServerEntrypoint.h
Examining data/kopanocore-8.7.0/provider/libserver/ECDatabaseFactory.h
Examining data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.h
Examining data/kopanocore-8.7.0/provider/libserver/StorageUtil.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECIndexer.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECServerEntrypoint.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECStatsTables.h
Examining data/kopanocore-8.7.0/provider/libserver/ECTPropsPurge.h
Examining data/kopanocore-8.7.0/provider/libserver/ECTableManager.h
Examining data/kopanocore-8.7.0/provider/libserver/ECSession.h
Examining data/kopanocore-8.7.0/provider/libserver/ECStringCompat.cpp
Examining data/kopanocore-8.7.0/provider/libserver/cmd.hpp
Examining data/kopanocore-8.7.0/provider/libserver/ECSessionGroup.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECDatabaseFactory.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECICS.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.h
Examining data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp
Examining data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp
Examining data/kopanocore-8.7.0/provider/libserver/ECCacheManager.h
Examining data/kopanocore-8.7.0/provider/libserver/cmd.cpp
Examining data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp
Examining data/kopanocore-8.7.0/provider/client/ECExchangeImportHierarchyChanges.cpp
Examining data/kopanocore-8.7.0/provider/client/SessionGroupData.cpp
Examining data/kopanocore-8.7.0/provider/client/WSUtil.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMsgStorePublic.h
Examining data/kopanocore-8.7.0/provider/client/ECExportAddressbookChanges.h
Examining data/kopanocore-8.7.0/provider/client/ProviderUtil.cpp
Examining data/kopanocore-8.7.0/provider/client/ECNotifyClient.cpp
Examining data/kopanocore-8.7.0/provider/client/IECPropStorage.h
Examining data/kopanocore-8.7.0/provider/client/ECMessageStreamImporterIStreamAdapter.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp
Examining data/kopanocore-8.7.0/provider/client/WSMessageStreamImporter.h
Examining data/kopanocore-8.7.0/provider/client/EntryPoint.h
Examining data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.cpp
Examining data/kopanocore-8.7.0/provider/client/ECSessionGroupManager.cpp
Examining data/kopanocore-8.7.0/provider/client/Mem.cpp
Examining data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.h
Examining data/kopanocore-8.7.0/provider/client/ECNotifyMaster.h
Examining data/kopanocore-8.7.0/provider/client/ECABContainer.cpp
Examining data/kopanocore-8.7.0/provider/client/WSTransport.h
Examining data/kopanocore-8.7.0/provider/client/ECParentStorage.cpp
Examining data/kopanocore-8.7.0/provider/client/ECExchangeImportContentsChanges.cpp
Examining data/kopanocore-8.7.0/provider/client/resource.h
Examining data/kopanocore-8.7.0/provider/client/ECChangeAdvisor.h
Examining data/kopanocore-8.7.0/provider/client/ECNamedProp.cpp
Examining data/kopanocore-8.7.0/provider/client/ProviderUtil.h
Examining data/kopanocore-8.7.0/provider/client/epclient.cpp
Examining data/kopanocore-8.7.0/provider/client/WSStoreTableView.cpp
Examining data/kopanocore-8.7.0/provider/client/WSTableView.h
Examining data/kopanocore-8.7.0/provider/client/ECGenericProp.cpp
Examining data/kopanocore-8.7.0/provider/client/ECExchangeImportContentsChanges.h
Examining data/kopanocore-8.7.0/provider/client/WSSerializedMessage.cpp
Examining data/kopanocore-8.7.0/provider/client/Mem.h
Examining data/kopanocore-8.7.0/provider/client/WSSerializedMessage.h
Examining data/kopanocore-8.7.0/provider/client/WSMessageStreamExporter.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMailUser.cpp
Examining data/kopanocore-8.7.0/provider/client/ECNamedProp.h
Examining data/kopanocore-8.7.0/provider/client/WSMAPIFolderOps.h
Examining data/kopanocore-8.7.0/provider/client/ics_client.hpp
Examining data/kopanocore-8.7.0/provider/client/SessionGroupData.h
Examining data/kopanocore-8.7.0/provider/client/ECMessage.h
Examining data/kopanocore-8.7.0/provider/client/ECExportAddressbookChanges.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp
Examining data/kopanocore-8.7.0/provider/client/ECNotifyMaster.cpp
Examining data/kopanocore-8.7.0/provider/client/WSTransport.cpp
Examining data/kopanocore-8.7.0/provider/client/WSMAPIPropStorage.h
Examining data/kopanocore-8.7.0/provider/client/ECMAPITable.h
Examining data/kopanocore-8.7.0/provider/client/WSABPropStorage.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMAPITable.cpp
Examining data/kopanocore-8.7.0/provider/client/ECGenericProp.h
Examining data/kopanocore-8.7.0/provider/client/ECMAPIProp.h
Examining data/kopanocore-8.7.0/provider/client/ECExchangeModifyTable.h
Examining data/kopanocore-8.7.0/provider/client/ECAttach.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMailUser.h
Examining data/kopanocore-8.7.0/provider/client/ECMAPIFolder.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMAPIFolder.h
Examining data/kopanocore-8.7.0/provider/client/WSTableView.cpp
Examining data/kopanocore-8.7.0/provider/client/ECParentStorage.h
Examining data/kopanocore-8.7.0/provider/client/ECMessage.cpp
Examining data/kopanocore-8.7.0/provider/client/ECAttach.h
Examining data/kopanocore-8.7.0/provider/client/ECNotifyClient.h
Examining data/kopanocore-8.7.0/provider/client/ECArchiveAwareMessage.cpp
Examining data/kopanocore-8.7.0/provider/client/ECExchangeImportHierarchyChanges.h
Examining data/kopanocore-8.7.0/provider/client/ECMSProvider.h
Examining data/kopanocore-8.7.0/provider/client/ECMsgStorePublic.cpp
Examining data/kopanocore-8.7.0/provider/client/ECExchangeModifyTable.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMAPIContainer.cpp
Examining data/kopanocore-8.7.0/provider/client/ECSessionGroupManager.h
Examining data/kopanocore-8.7.0/provider/client/WSMessageStreamExporter.h
Examining data/kopanocore-8.7.0/provider/client/ECMsgStore.h
Examining data/kopanocore-8.7.0/provider/client/ECMAPIFolderPublic.cpp
Examining data/kopanocore-8.7.0/provider/client/WSMAPIFolderOps.cpp
Examining data/kopanocore-8.7.0/provider/client/WSUtil.h
Examining data/kopanocore-8.7.0/provider/client/WSMessageStreamImporter.cpp
Examining data/kopanocore-8.7.0/provider/client/ECPropertyEntry.h
Examining data/kopanocore-8.7.0/provider/client/ECChangeAdvisor.cpp
Examining data/kopanocore-8.7.0/provider/client/ECMAPIFolderPublic.h
Examining data/kopanocore-8.7.0/provider/client/ClientUtil.h
Examining data/kopanocore-8.7.0/provider/client/WSABPropStorage.h
Examining data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp
Examining data/kopanocore-8.7.0/provider/client/WSStoreTableView.h
Examining data/kopanocore-8.7.0/provider/client/ECMessageStreamImporterIStreamAdapter.h
Examining data/kopanocore-8.7.0/provider/client/ECMAPIContainer.h
Examining data/kopanocore-8.7.0/provider/client/ClientUtil.cpp
Examining data/kopanocore-8.7.0/provider/client/ECABContainer.h
Examining data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp
Examining data/kopanocore-8.7.0/provider/client/ECArchiveAwareMessage.h
Examining data/kopanocore-8.7.0/provider/client/WSMAPIPropStorage.cpp
Examining data/kopanocore-8.7.0/provider/plugins/DBBase.h
Examining data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp
Examining data/kopanocore-8.7.0/provider/plugins/DBBase.cpp
Examining data/kopanocore-8.7.0/provider/plugins/LDAPCache.cpp
Examining data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp
Examining data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.h
Examining data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp
Examining data/kopanocore-8.7.0/provider/plugins/LDAPCache.h
Examining data/kopanocore-8.7.0/provider/plugins/plugin.h
Examining data/kopanocore-8.7.0/provider/plugins/ldappasswords.h
Examining data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.h
Examining data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.h
Examining data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp
Examining data/kopanocore-8.7.0/provider/common/ECSearchClient.cpp
Examining data/kopanocore-8.7.0/provider/common/include/kopano/pcuser.hpp
Examining data/kopanocore-8.7.0/provider/common/SOAPSock.h
Examining data/kopanocore-8.7.0/provider/common/pcutil.cpp
Examining data/kopanocore-8.7.0/provider/common/versions.h
Examining data/kopanocore-8.7.0/provider/common/soapctor.cpp
Examining data/kopanocore-8.7.0/provider/common/pcutil.hpp
Examining data/kopanocore-8.7.0/provider/common/SOAPUtils.h
Examining data/kopanocore-8.7.0/provider/common/ECSearchClient.h
Examining data/kopanocore-8.7.0/provider/common/StreamTypes.h
Examining data/kopanocore-8.7.0/provider/common/SOAPSock.cpp
Examining data/kopanocore-8.7.0/provider/common/pcuser.cpp
Examining data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp
Examining data/kopanocore-8.7.0/provider/common/SOAPAlloc.h
Examining data/kopanocore-8.7.0/libfreebusy/freebusyguid.h
Examining data/kopanocore-8.7.0/libfreebusy/PublishFreeBusy.cpp
Examining data/kopanocore-8.7.0/libfreebusy/freebusytags.h
Examining data/kopanocore-8.7.0/libfreebusy/recurrence.h
Examining data/kopanocore-8.7.0/libfreebusy/ECFreeBusyUpdate.cpp
Examining data/kopanocore-8.7.0/libfreebusy/freebusyutil.h
Examining data/kopanocore-8.7.0/libfreebusy/ECFreeBusyData.cpp
Examining data/kopanocore-8.7.0/libfreebusy/freebusy.h
Examining data/kopanocore-8.7.0/libfreebusy/recurrence.cpp
Examining data/kopanocore-8.7.0/libfreebusy/ECFBBlockList.h
Examining data/kopanocore-8.7.0/libfreebusy/ECEnumFBBlock.h
Examining data/kopanocore-8.7.0/libfreebusy/ECFreeBusySupport.cpp
Examining data/kopanocore-8.7.0/libfreebusy/ECFBBlockList.cpp
Examining data/kopanocore-8.7.0/libfreebusy/ECFreeBusySupport.h
Examining data/kopanocore-8.7.0/libfreebusy/ECEnumFBBlock.cpp
Examining data/kopanocore-8.7.0/libfreebusy/ECFreeBusyData.h
Examining data/kopanocore-8.7.0/libfreebusy/PublishFreeBusy.h
Examining data/kopanocore-8.7.0/libfreebusy/ECFreeBusyUpdate.h
Examining data/kopanocore-8.7.0/libfreebusy/freebusyutil.cpp
Examining data/kopanocore-8.7.0/php-ext/ECImportHierarchyChangesProxy.h
Examining data/kopanocore-8.7.0/php-ext/ECImportContentsChangesProxy.cpp
Examining data/kopanocore-8.7.0/php-ext/ECRulesTableProxy.cpp
Examining data/kopanocore-8.7.0/php-ext/util.cpp
Examining data/kopanocore-8.7.0/php-ext/globals.h
Examining data/kopanocore-8.7.0/php-ext/util.h
Examining data/kopanocore-8.7.0/php-ext/typeconversion.cpp
Examining data/kopanocore-8.7.0/php-ext/ECImportHierarchyChangesProxy.cpp
Examining data/kopanocore-8.7.0/php-ext/main.cpp
Examining data/kopanocore-8.7.0/php-ext/phpconfig.h
Examining data/kopanocore-8.7.0/php-ext/ECImportContentsChangesProxy.h
Examining data/kopanocore-8.7.0/php-ext/typeconversion.h
Examining data/kopanocore-8.7.0/php-ext/main.h
Examining data/kopanocore-8.7.0/php-ext/ECRulesTableProxy.h
Examining data/kopanocore-8.7.0/caldav/CalDavProto.h
Examining data/kopanocore-8.7.0/caldav/iCal.h
Examining data/kopanocore-8.7.0/caldav/Http.h
Examining data/kopanocore-8.7.0/caldav/ProtocolBase.h
Examining data/kopanocore-8.7.0/caldav/CalDavProto.cpp
Examining data/kopanocore-8.7.0/caldav/WebDav.h
Examining data/kopanocore-8.7.0/caldav/ProtocolBase.cpp
Examining data/kopanocore-8.7.0/caldav/CalDavUtil.h
Examining data/kopanocore-8.7.0/caldav/CalDAV.cpp
Examining data/kopanocore-8.7.0/caldav/iCal.cpp
Examining data/kopanocore-8.7.0/caldav/WebDav.cpp
Examining data/kopanocore-8.7.0/caldav/CalDavUtil.cpp
Examining data/kopanocore-8.7.0/caldav/Http.cpp
Examining data/kopanocore-8.7.0/gateway/Gateway.cpp
Examining data/kopanocore-8.7.0/gateway/ClientProto.h
Examining data/kopanocore-8.7.0/gateway/POP3.h
Examining data/kopanocore-8.7.0/gateway/POP3.cpp
Examining data/kopanocore-8.7.0/gateway/IMAP.h
Examining data/kopanocore-8.7.0/gateway/IMAP.cpp
Examining data/kopanocore-8.7.0/libsync/ECSyncContext.h
Examining data/kopanocore-8.7.0/libsync/ECSyncUtil.cpp
Examining data/kopanocore-8.7.0/libsync/ECSyncSettings.h
Examining data/kopanocore-8.7.0/libsync/ECSyncUtil.h
Examining data/kopanocore-8.7.0/libsync/ECSyncContext.cpp
Examining data/kopanocore-8.7.0/libsync/ECSyncSettings.cpp
Examining data/kopanocore-8.7.0/mapi4linux/include/mapiutil.h
Examining data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h
Examining data/kopanocore-8.7.0/mapi4linux/include/mapi.h
Examining data/kopanocore-8.7.0/mapi4linux/include/mapicode.h
Examining data/kopanocore-8.7.0/mapi4linux/include/initguid.h
Examining data/kopanocore-8.7.0/mapi4linux/include/mapispi.h
Examining data/kopanocore-8.7.0/mapi4linux/include/mapitags.h
Examining data/kopanocore-8.7.0/mapi4linux/include/mapiguid.h
Examining data/kopanocore-8.7.0/mapi4linux/include/edkmdb.h
Examining data/kopanocore-8.7.0/mapi4linux/include/kopano/scope.hpp
Examining data/kopanocore-8.7.0/mapi4linux/include/kopano/memory.hpp
Examining data/kopanocore-8.7.0/mapi4linux/include/kopano/automapi.hpp
Examining data/kopanocore-8.7.0/mapi4linux/include/kopano/tie.hpp
Examining data/kopanocore-8.7.0/mapi4linux/include/kopano/hl.hpp
Examining data/kopanocore-8.7.0/mapi4linux/include/mapix.h
Examining data/kopanocore-8.7.0/mapi4linux/src/m4l.mapidefs.h
Examining data/kopanocore-8.7.0/mapi4linux/src/mapidefs.cpp
Examining data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp
Examining data/kopanocore-8.7.0/mapi4linux/src/m4l.mapix.h
Examining data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp
Examining data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp
Examining data/kopanocore-8.7.0/mapi4linux/src/common.cpp
Examining data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.h
Examining data/kopanocore-8.7.0/mapi4linux/src/rtf.h
Examining data/kopanocore-8.7.0/mapi4linux/src/mapi4linux.h
Examining data/kopanocore-8.7.0/mapi4linux/src/m4l.mapispi.h
Examining data/kopanocore-8.7.0/mapi4linux/src/m4l.common.h
Examining data/kopanocore-8.7.0/mapi4linux/src/mapispi.cpp
Examining data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp
Examining data/kopanocore-8.7.0/php7-ext/ECImportHierarchyChangesProxy.h
Examining data/kopanocore-8.7.0/php7-ext/ECImportContentsChangesProxy.cpp
Examining data/kopanocore-8.7.0/php7-ext/typeconversion.cpp
Examining data/kopanocore-8.7.0/php7-ext/ECImportHierarchyChangesProxy.cpp
Examining data/kopanocore-8.7.0/php7-ext/main.cpp
Examining data/kopanocore-8.7.0/php7-ext/ECImportContentsChangesProxy.h
Examining data/kopanocore-8.7.0/php7-ext/typeconversion.h
Examining data/kopanocore-8.7.0/m4lcommon/include/edkguid.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/mapiext.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/ECRestriction.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/ECFeatures.hpp
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/ECTags.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/ECDefs.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/namedprops.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/mapiguidext.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/ECMemTable.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/Util.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/mapi_ptr.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/userutil.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/EMSAbTag.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/IECInterfaces.hpp
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/RecurrenceState.h
Examining data/kopanocore-8.7.0/m4lcommon/include/kopano/CommonUtil.h
Examining data/kopanocore-8.7.0/m4lcommon/MAPINotifSink.h
Examining data/kopanocore-8.7.0/m4lcommon/ECFeatures.cpp
Examining data/kopanocore-8.7.0/m4lcommon/RecurrenceState.cpp
Examining data/kopanocore-8.7.0/m4lcommon/ECFeatureList.h
Examining data/kopanocore-8.7.0/m4lcommon/ECRestriction.cpp
Examining data/kopanocore-8.7.0/m4lcommon/MAPINotifSink.cpp
Examining data/kopanocore-8.7.0/m4lcommon/Util.cpp
Examining data/kopanocore-8.7.0/m4lcommon/userutil.cpp
Examining data/kopanocore-8.7.0/m4lcommon/mapicontact.h
Examining data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp
Examining data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp
Examining data/kopanocore-8.7.0/libicalmapi/vfreebusy.cpp
Examining data/kopanocore-8.7.0/libicalmapi/icalinit.cpp
Examining data/kopanocore-8.7.0/libicalmapi/ICalToMAPI.cpp
Examining data/kopanocore-8.7.0/libicalmapi/icalcompat.hpp
Examining data/kopanocore-8.7.0/libicalmapi/vtimezone.h
Examining data/kopanocore-8.7.0/libicalmapi/nameids.h
Examining data/kopanocore-8.7.0/libicalmapi/icaluid.cpp
Examining data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp
Examining data/kopanocore-8.7.0/libicalmapi/vevent.cpp
Examining data/kopanocore-8.7.0/libicalmapi/icalitem.h
Examining data/kopanocore-8.7.0/libicalmapi/valarm.h
Examining data/kopanocore-8.7.0/libicalmapi/vtodo.h
Examining data/kopanocore-8.7.0/libicalmapi/icalrecurrence.h
Examining data/kopanocore-8.7.0/libicalmapi/mapitovcf.hpp
Examining data/kopanocore-8.7.0/libicalmapi/vconverter.h
Examining data/kopanocore-8.7.0/libicalmapi/vconverter.cpp
Examining data/kopanocore-8.7.0/libicalmapi/MAPIToICal.cpp
Examining data/kopanocore-8.7.0/libicalmapi/ICalToMAPI.h
Examining data/kopanocore-8.7.0/libicalmapi/vtimezone.cpp
Examining data/kopanocore-8.7.0/libicalmapi/vevent.h
Examining data/kopanocore-8.7.0/libicalmapi/vtodo.cpp
Examining data/kopanocore-8.7.0/libicalmapi/vfreebusy.h
Examining data/kopanocore-8.7.0/libicalmapi/icalrecurrence.cpp
Examining data/kopanocore-8.7.0/libicalmapi/MAPIToICal.h
Examining data/kopanocore-8.7.0/libicalmapi/vcftomapi.hpp
Examining data/kopanocore-8.7.0/libicalmapi/nameids.cpp
Examining data/kopanocore-8.7.0/libicalmapi/valarm.cpp
Examining data/kopanocore-8.7.0/libicalmapi/icalmem.hpp
Examining data/kopanocore-8.7.0/libicalmapi/icaluid.h
Examining data/kopanocore-8.7.0/libicalmapi/mapitovcf.cpp
Examining data/kopanocore-8.7.0/autoconf/1126.h
Examining data/kopanocore-8.7.0/common/utf8/unchecked.h
Examining data/kopanocore-8.7.0/common/utf8/core.h
Examining data/kopanocore-8.7.0/common/include/kopano/stringutil.h
Examining data/kopanocore-8.7.0/common/include/kopano/zcdefs.h
Examining data/kopanocore-8.7.0/common/include/kopano/kcodes.h
Examining data/kopanocore-8.7.0/common/include/kopano/MAPIErrors.h
Examining data/kopanocore-8.7.0/common/include/kopano/charset/convstring.h
Examining data/kopanocore-8.7.0/common/include/kopano/charset/traits.h
Examining data/kopanocore-8.7.0/common/include/kopano/charset/convert.h
Examining data/kopanocore-8.7.0/common/include/kopano/charset/utf8string.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECUnknown.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECScheduler.h
Examining data/kopanocore-8.7.0/common/include/kopano/fileutil.hpp
Examining data/kopanocore-8.7.0/common/include/kopano/platform.linux.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECLogger.h
Examining data/kopanocore-8.7.0/common/include/kopano/database.hpp
Examining data/kopanocore-8.7.0/common/include/kopano/platform.h
Examining data/kopanocore-8.7.0/common/include/kopano/codepage.h
Examining data/kopanocore-8.7.0/common/include/kopano/UnixUtil.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECGetText.h
Examining data/kopanocore-8.7.0/common/include/kopano/ustringutil.h
Examining data/kopanocore-8.7.0/common/include/kopano/timeutil.hpp
Examining data/kopanocore-8.7.0/common/include/kopano/ECThreadPool.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECKeyTable.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECChannel.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECConfig.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECGuid.h
Examining data/kopanocore-8.7.0/common/include/kopano/ECABEntryID.h
Examining data/kopanocore-8.7.0/common/ECKeyTable.cpp
Examining data/kopanocore-8.7.0/common/ECMemStream.cpp
Examining data/kopanocore-8.7.0/common/TimeUtil.cpp
Examining data/kopanocore-8.7.0/common/MAPIErrors.cpp
Examining data/kopanocore-8.7.0/common/ECACL.h
Examining data/kopanocore-8.7.0/common/stringutil.cpp
Examining data/kopanocore-8.7.0/common/ustringutil.cpp
Examining data/kopanocore-8.7.0/common/HtmlToTextParser.cpp
Examining data/kopanocore-8.7.0/common/ECMemStream.h
Examining data/kopanocore-8.7.0/common/charset/localeutil.cpp
Examining data/kopanocore-8.7.0/common/charset/convert.cpp
Examining data/kopanocore-8.7.0/common/charset/localeutil.h
Examining data/kopanocore-8.7.0/common/charset/convstring.cpp
Examining data/kopanocore-8.7.0/common/ECSerializer.h
Examining data/kopanocore-8.7.0/common/ECThreadPool.cpp
Examining data/kopanocore-8.7.0/common/ConsoleTable.cpp
Examining data/kopanocore-8.7.0/common/ECChannel.cpp
Examining data/kopanocore-8.7.0/common/HtmlEntity.h
Examining data/kopanocore-8.7.0/common/pymem.hpp
Examining data/kopanocore-8.7.0/common/ECChannelClient.h
Examining data/kopanocore-8.7.0/common/rtfutil.h
Examining data/kopanocore-8.7.0/common/ECGuid.cpp
Examining data/kopanocore-8.7.0/common/platform.linux.cpp
Examining data/kopanocore-8.7.0/common/ECConfigImpl.h
Examining data/kopanocore-8.7.0/common/ECCache.h
Examining data/kopanocore-8.7.0/common/ECChannelClient.cpp
Examining data/kopanocore-8.7.0/common/ECConfigImpl.cpp
Examining data/kopanocore-8.7.0/common/ECUnknown.cpp
Examining data/kopanocore-8.7.0/common/StatsClient.h
Examining data/kopanocore-8.7.0/common/HtmlEntity.cpp
Examining data/kopanocore-8.7.0/common/rtfutil.cpp
Examining data/kopanocore-8.7.0/common/database.cpp
Examining data/kopanocore-8.7.0/common/fileutil.cpp
Examining data/kopanocore-8.7.0/common/HtmlToTextParser.h
Examining data/kopanocore-8.7.0/common/SSLUtil.cpp
Examining data/kopanocore-8.7.0/common/ECFifoBuffer.h
Examining data/kopanocore-8.7.0/common/StatsClient.cpp
Examining data/kopanocore-8.7.0/common/ECLogger.cpp
Examining data/kopanocore-8.7.0/common/UnixUtil.cpp
Examining data/kopanocore-8.7.0/common/ConsoleTable.h
Examining data/kopanocore-8.7.0/common/SSLUtil.h
Examining data/kopanocore-8.7.0/spooler/PyMapiPlugin.cpp
Examining data/kopanocore-8.7.0/spooler/LMTP.cpp
Examining data/kopanocore-8.7.0/spooler/PyMapiPlugin.h
Examining data/kopanocore-8.7.0/spooler/Spooler.cpp
Examining data/kopanocore-8.7.0/spooler/archive.cpp
Examining data/kopanocore-8.7.0/spooler/mailer.h
Examining data/kopanocore-8.7.0/spooler/archive.h
Examining data/kopanocore-8.7.0/spooler/LMTP.h
Examining data/kopanocore-8.7.0/spooler/rules.h
Examining data/kopanocore-8.7.0/spooler/DAgent.cpp
Examining data/kopanocore-8.7.0/spooler/mailer.cpp
Examining data/kopanocore-8.7.0/spooler/rules.cpp
Examining data/kopanocore-8.7.0/inetmapi/include/inetmapi/inetmapi.h
Examining data/kopanocore-8.7.0/inetmapi/include/inetmapi/options.h
Examining data/kopanocore-8.7.0/inetmapi/mapiTextPart.h
Examining data/kopanocore-8.7.0/inetmapi/inputStreamMAPIAdapter.cpp
Examining data/kopanocore-8.7.0/inetmapi/inputStreamMAPIAdapter.h
Examining data/kopanocore-8.7.0/inetmapi/mapiAttachment.h
Examining data/kopanocore-8.7.0/inetmapi/ECMapiUtils.h
Examining data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.h
Examining data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.h
Examining data/kopanocore-8.7.0/inetmapi/ECVMIMEUtils.cpp
Examining data/kopanocore-8.7.0/inetmapi/ECMapiUtils.cpp
Examining data/kopanocore-8.7.0/inetmapi/mapiAttachment.cpp
Examining data/kopanocore-8.7.0/inetmapi/MAPISMTPTransport.cpp
Examining data/kopanocore-8.7.0/inetmapi/inetmapi.cpp
Examining data/kopanocore-8.7.0/inetmapi/tnef.cpp
Examining data/kopanocore-8.7.0/inetmapi/ECVMIMEUtils.h
Examining data/kopanocore-8.7.0/inetmapi/MAPISMTPTransport.h
Examining data/kopanocore-8.7.0/inetmapi/SMIMEMessage.cpp
Examining data/kopanocore-8.7.0/inetmapi/SMIMEMessage.h
Examining data/kopanocore-8.7.0/inetmapi/tnef.h
Examining data/kopanocore-8.7.0/inetmapi/mapiTextPart.cpp
Examining data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp
Examining data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.cpp
Examining data/kopanocore-8.7.0/swig/include/kopano/swig_iunknown.h
Examining data/kopanocore-8.7.0/swig/RecurrenceState.swig.h
Examining data/kopanocore-8.7.0/swig/director_util.cpp
Examining data/kopanocore-8.7.0/swig/python/include/kopano/conversion.h
Examining data/kopanocore-8.7.0/swig/python/include/kopano/director_util.h
Examining data/kopanocore-8.7.0/swig/python/archiver_conv.cpp
Examining data/kopanocore-8.7.0/swig/python/archiver_conv.h
Examining data/kopanocore-8.7.0/swig/python/conversion.cpp
Examining data/kopanocore-8.7.0/swig/python/libfreebusy_conv.cpp
Examining data/kopanocore-8.7.0/swig/python/scl.h
Examining data/kopanocore-8.7.0/swig/python/libfreebusy_conv.h
Examining data/kopanocore-8.7.0/tests/readflag.cpp
Examining data/kopanocore-8.7.0/tests/imtomapi.cpp
Examining data/kopanocore-8.7.0/tests/mapialloctime.cpp
Examining data/kopanocore-8.7.0/tests/kc-335.cpp
Examining data/kopanocore-8.7.0/tests/zcpmd5.cpp
Examining data/kopanocore-8.7.0/tests/ablookup.cpp
Examining data/kopanocore-8.7.0/tests/tbi.hpp
Examining data/kopanocore-8.7.0/librosie/librosie.cpp
Examining data/kopanocore-8.7.0/librosie/test.cpp
Examining data/kopanocore-8.7.0/librosie/librosie.h
FINAL RESULTS:
data/kopanocore-8.7.0/common/ECChannel.cpp:772:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret = chmod(path, mode);
data/kopanocore-8.7.0/common/ECLogger.cpp:903:5: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
chown(log_file, uid, gid);
data/kopanocore-8.7.0/common/UnixUtil.cpp:127:9: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
return chown(filename, uid, gid);
data/kopanocore-8.7.0/common/UnixUtil.cpp:489:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
linklen = readlink("/proc/self/exe", &linkbuf[0], linkbuf.size());
data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.cpp:52:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
er = chmod(unix_socket,mode);
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:1745:2: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], const_cast<char * const *>(argv.get()));
data/kopanocore-8.7.0/ECtools/ibrule.cpp:47:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define S(f) if (flags & (f)) printf(" " #f);
data/kopanocore-8.7.0/ECtools/scriptrun.cpp:71:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(pair.second.c_str(), pair.first.c_str(), nullptr);
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:256:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(key.s, szName);
data/kopanocore-8.7.0/common/ECLogger.cpp:192:44: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fnPrintf = reinterpret_cast<printf_func>(&fprintf);
data/kopanocore-8.7.0/common/ECLogger.cpp:201:44: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fnPrintf = reinterpret_cast<printf_func>(&fprintf);
data/kopanocore-8.7.0/common/ECLogger.cpp:377:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgbuffer + sizeof(msgbuffer) - sizeof(msgtrunc), msgtrunc);
data/kopanocore-8.7.0/common/ECLogger.cpp:439:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgbuffer + sizeof(msgbuffer) - sizeof(msgtrunc), msgtrunc);
data/kopanocore-8.7.0/common/ECLogger.cpp:505:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgbuffer + sizeof(msgbuffer) - sizeof(msgtrunc), msgtrunc);
data/kopanocore-8.7.0/common/ECLogger.cpp:563:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgbuffer + sizeof(msgbuffer) - sizeof(msgtrunc), msgtrunc);
data/kopanocore-8.7.0/common/ECLogger.cpp:591:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgbuffer + sizeof(msgbuffer) - sizeof(msgtrunc), msgtrunc);
data/kopanocore-8.7.0/common/HtmlToTextParser.cpp:444:2: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(buf, 33, L"%u", x);
data/kopanocore-8.7.0/common/UnixUtil.cpp:164:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path.get(), W_OK) < 0)
data/kopanocore-8.7.0/common/UnixUtil.cpp:501:2: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(&linkbuf[0], const_cast<char **>(argv));
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:46:20: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define _vsnprintf vsnprintf
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:406:22: [4] (buffer) lstrcpyW:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
static inline LPWSTR lstrcpyW(LPWSTR dst, LPCWSTR src)
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:408:2: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(dst, (WCHAR *)src);
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:413:9: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
#define _tcscpy wcscpy
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:413:17: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
#define _tcscpy wcscpy
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:451:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define KC_LIKE_PRINTF(fmt, va) __attribute__((format(printf, fmt, va)))
data/kopanocore-8.7.0/common/platform.linux.cpp:143:9: [4] (misc) getpass:
This function is obsolete and not portable. It was in SUSv2 but removed by
POSIX.2. What it does exactly varies considerably between systems,
particularly in where its prompt is displayed and where it gets its data
(e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations
overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do
exactly what you want. If you continue to use it, or write your own, be
sure to zero the password as soon as possible to avoid leaving the
cleartext password visible in the process' address space.
return getpass(prompt);
data/kopanocore-8.7.0/common/stringutil.cpp:167:2: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(b, ARRAY_SIZE(b), L"0x%08X", x);
data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.cpp:1231:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(prop[1].Value.lpszW, wstrName.c_str());
data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.cpp:1238:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prop[2].Value.lpszA, strEmail.c_str());
data/kopanocore-8.7.0/inetmapi/inetmapi.cpp:162:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpszData, oss.str().c_str());
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1146:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpProp->Value.MVszW.lppszW[ulMVProp], strUnicodeName.c_str());
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1151:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpProp->Value.lpszW, strUnicodeName.c_str());
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:517:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s.Value.lpszA, val);
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:525:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(s.Value.lpszW, uval);
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:567:2: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(s.Value.lpszW, v);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:250:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(szProfName.get(), profname);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1020:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpProps[i].Value.lpszW, wstrTmp.c_str());
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1027:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpProps[i].Value.lpszA, strTmp.c_str());
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1623:9: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(m_sMAPINameId.Kind.lpwstrName, other.m_sMAPINameId.Kind.lpwstrName);
data/kopanocore-8.7.0/m4lcommon/RecurrenceState.cpp:19:32: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUGPRINT(x, args...) fprintf(stderr, x, ##args)
data/kopanocore-8.7.0/m4lcommon/Util.cpp:351:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpDest->Value.lpszW, lpSrc->Value.lpszW);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:359:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpDest->Value.lpszA, lpSrc->Value.lpszA);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:487:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpDest->Value.MVszW.lppszW[i], lpSrc->Value.MVszW.lppszW[i]);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1586:2: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(*lppszError, lpszError);
data/kopanocore-8.7.0/mapi4linux/include/mapix.h:155:185: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
virtual HRESULT ShowForm(ULONG_PTR ui_param, IMsgStore *, IMAPIFolder *parent, const IID *intf, ULONG msg_token, IMessage *sent, ULONG flags, ULONG msg_status, ULONG msg_flags, ULONG access, const char *msg_class) = 0;
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:208:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sProp.Value.lpszA, strData.c_str());
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapix.h:136:186: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
virtual HRESULT ShowForm(ULONG_PTR ui_param, IMsgStore *, IMAPIFolder *parent, const IID *intf, ULONG msg_token, IMessage *sesnt, ULONG flags, ULONG msg_status, ULONG msg_flags, ULONG access, const char *msg_class) override;
data/kopanocore-8.7.0/mapi4linux/src/mapidefs.cpp:137:6: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(sConvert.Value.MVszW.lppszW[d], unicode.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapidefs.cpp:156:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sConvert.Value.MVszA.lppszA[d], ansi.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:77:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(((char*)*lppWrappedEntry)+4+sizeof(GUID)+2, strDLLName.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1277:59: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ULONG flags, ULONG msg_status, ULONG msg_flags, ULONG access,
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1632:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpNewProps[1].Value.lpszW, strwDisplay.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1636:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpNewProps[2].Value.lpszW, strwType.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1640:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpNewProps[3].Value.lpszW, strwAddress.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1648:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpNewProps[1].Value.lpszA, conv.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1653:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpNewProps[2].Value.lpszA, conv.c_str());
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1658:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpNewProps[3].Value.lpszA, conv.c_str());
data/kopanocore-8.7.0/php-ext/ECRulesTableProxy.cpp:197:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpszA, local.c_str());
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:172:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpsPropValue->Value.lpszW, strTmp.c_str());
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:178:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsPropValue->Value.lpszA, strTmp.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.cpp:80:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t*)lpMapiError->lpszError, wstrErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.cpp:84:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t*)lpMapiError->lpszComponent, wstrCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.cpp:91:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszError, strErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.cpp:95:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszComponent, strCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportContentsChanges.cpp:85:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t*)lpMapiError->lpszError, wstrErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportContentsChanges.cpp:89:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t *)lpMapiError->lpszComponent, wstrCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportContentsChanges.cpp:96:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszError, strErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportContentsChanges.cpp:100:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszComponent, strCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportHierarchyChanges.cpp:67:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t*)lpMapiError->lpszError, wstrErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportHierarchyChanges.cpp:71:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t *)lpMapiError->lpszComponent, wstrCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportHierarchyChanges.cpp:78:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszError, strErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeImportHierarchyChanges.cpp:82:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszComponent, strCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeModifyTable.cpp:58:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpszResult, strConverted.c_str());
data/kopanocore-8.7.0/provider/client/ECExchangeModifyTable.cpp:442:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(szXML, os.str().c_str());
data/kopanocore-8.7.0/provider/client/ECGenericProp.cpp:351:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t*)lpMapiError->lpszError, wstrErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECGenericProp.cpp:355:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t *)lpMapiError->lpszComponent, wstrCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECGenericProp.cpp:362:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszError, strErrorMsg.c_str());
data/kopanocore-8.7.0/provider/client/ECGenericProp.cpp:366:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpMapiError->lpszComponent, strCompName.c_str());
data/kopanocore-8.7.0/provider/client/ECMAPIFolderPublic.cpp:144:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpsPropValue->Value.lpszW, strTmp.c_str());
data/kopanocore-8.7.0/provider/client/ECMAPIFolderPublic.cpp:152:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsPropValue->Value.lpszA, strTmp.c_str());
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:312:8: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#ifdef swprintf
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:313:9: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# undef swprintf
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:482:3: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf((wchar_t*)*lppbSpoolSecurity, cbSpoolSecurity, L"%s%c%s", sProfileProps.strUserName.c_str(), 0, sProfileProps.strPassword.c_str());
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:707:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy((wchar_t *)*lppszExplicitClass, dst.c_str());
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:715:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)*lppszExplicitClass, dst.c_str());
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1031:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsPropValue->Value.lpszA, ver.c_str());
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1038:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpsPropValue->Value.lpszW, tmp.c_str());
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:2114:3: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(lpPropValue[0].Value.LPSZ, lpszContainerClass);
data/kopanocore-8.7.0/provider/client/ECNamedProp.cpp:399:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpDst->Kind.lpwstrName, lpSrc->Kind.lpwstrName);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:175:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(Value.lpszW, wstrTmp.c_str());
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:215:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(Value.lpszW, lpsProp->Value.lpszW);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:433:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(Value.MVszW.lppszW[i], wstrTmp.c_str());
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:470:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(Value.MVszW.lppszW[i], lpsProp->Value.MVszW.lppszW[i]);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:670:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpsProp->Value.lpszW, Value.lpszW);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:682:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsProp->Value.lpszA, dst.c_str());
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:827:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsProp->Value.MVszA.lppszA[i], strDst.c_str());
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:842:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpsProp->Value.MVszW.lppszW[i], Value.MVszW.lppszW[i]);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1060:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNamedProps.__ptr[i].lpString, strNameUTF8.c_str());
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3857:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(szValue, sResponse.szValue);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:87:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp->Value.lpszA, u8.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:94:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp->Value.lpszA, u8.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:198:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp->Value.mvszA.__ptr[i], u8.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:213:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp->Value.mvszA.__ptr[i], u8.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:374:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp->Value.lpszA, s.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:387:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(dp->Value.lpszW, ws.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:570:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp->Value.MVszA.lppszA[i], s.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:609:4: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(dp->Value.MVszW.lppszW[i], ws.c_str());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1964:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)lpStoreID+(lpsStoreId->__size-4), lpszServerName);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2250:2: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(lpszW, wide.c_str());
data/kopanocore-8.7.0/provider/common/SOAPAlloc.h:43:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, str);
data/kopanocore-8.7.0/provider/common/SOAPSock.cpp:32:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soap->tmpbuf, "POST /%s HTTP/%s", (*path == '/' ? path + 1 : path), soap->http_version);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1044:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpDst->Value.mvszA.__ptr[i], lpSrc->Value.mvszA.__ptr[i]);
data/kopanocore-8.7.0/provider/contacts/ZCMAPIProp.cpp:326:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpProp->Value.lpszA, strAnsi.c_str());
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:480:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpPropVal->Value.lpszA, lpRow[FIELD_NR_STRING]);
data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp:797:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpStoreName, strFormat.c_str());
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1226:4: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("ntlm_auth", "-d0", "--helper-protocol=squid-2.5-ntlmssp", nullptr);
data/kopanocore-8.7.0/provider/libserver/ECSession.h:145:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
_kc_hidden void AddClocks(double user, double system, double real);
data/kopanocore-8.7.0/provider/libserver/ECSession.h:146:50: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
_kc_hidden void GetClocks(double *user, double *system, double *real);
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.h:177:72: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
_kc_hidden ECRESULT AddSessionClocks(ECSESSIONID, double user, double system, double real);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:209:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsRowSet->__ptr[i].__ptr[k].Value.lpszA, iterSD->second.name.c_str());
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:215:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsRowSet->__ptr[i].__ptr[k].Value.lpszA, iterSD->second.description.c_str());
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:221:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsRowSet->__ptr[i].__ptr[k].Value.lpszA, iterSD->second.value.c_str());
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:371:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m.Value.lpszA, strTemp.c_str());
data/kopanocore-8.7.0/provider/libserver/ECTableManager.cpp:381:64: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void AuditStatsAccess(ECSession *lpSession, const char *access, const char *table)
data/kopanocore-8.7.0/provider/libserver/ECTableManager.cpp:390:79: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ZLOG_AUDIT(audit, "access %s table='%s stats' username=%s impersonator=%s", access, table, strUsername.c_str(), strImpersonator.c_str());
data/kopanocore-8.7.0/provider/libserver/ECTableManager.cpp:392:63: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ZLOG_AUDIT(audit, "access %s table='%s stats' username=%s", access, table, strUsername.c_str());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3039:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)lpPropVal->Value.bin->__ptr, strSearchKey.c_str());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3218:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)lpPropVal->Value.bin->__ptr, strSearchKey.c_str());
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1394:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lpsNames->__ptr[i].lpString, lpDBRow[1]);
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:777:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_CTX crypt;
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:788:12: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_Init(&crypt);
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:789:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_Update(&crypt, salt.c_str(), salt.size());
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:790:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_Update(&crypt, strData.c_str(), strData.size());
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:791:43: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
*lpstrResult = salt + zcp_md5_final_hex(&crypt);
data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp:208:11: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_CTX crypt;
data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp:211:13: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_Init(&crypt);
data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp:212:15: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_Update(&crypt, salt.c_str(), salt.length());
data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp:213:15: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
MD5_Update(&crypt, password.c_str(), password.size());
data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp:214:43: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
auto strMD5 = salt + zcp_md5_final_hex(&crypt);
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:292:14: [4] (crypto) crypt_r:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
auto crpw = crypt_r(password.c_str(), ud.GetPropString(OB_PROP_S_PASSWORD).c_str(), cryptdata.get());
data/kopanocore-8.7.0/spooler/DAgent.cpp:834:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(reinterpret_cast<LPWSTR>(lpSrvNameList->lpszaServer[lpSrvNameList->cServers]), iter.first.c_str());
data/kopanocore-8.7.0/spooler/DAgent.cpp:1249:3: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(szwHeader, PATH_MAX, L"%ls [%ls]", szSubject, lpMessageProps[3].Value.lpszW);
data/kopanocore-8.7.0/spooler/DAgent.cpp:1251:3: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(szwHeader, PATH_MAX, L"%ls", szSubject);
data/kopanocore-8.7.0/spooler/DAgent.cpp:2707:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(wbuffer, ARRAY_SIZE(wbuffer), recip->wstrDeliveryStatus.c_str(), i.c_str());
data/kopanocore-8.7.0/spooler/Spooler.cpp:319:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], const_cast<char *const *>(argv));
data/kopanocore-8.7.0/tests/imtomapi.cpp:668:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, (err == 0) ? "Overall success\n" : "Overall FAILURE\n");
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:1843:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
auto c = getopt_long(argc, argv, "VlLsc:u:d:U:Pp:f:e:a:h:g:G:b:B:i:I:n:v", long_options, NULL);
data/kopanocore-8.7.0/ECtools/archiver/Archiver.cpp:20:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *lpszConfigPath = getenv("KOPANO_ARCHIVER_CONF");
data/kopanocore-8.7.0/ECtools/archiver/main.cpp:206:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
auto c = getopt_long(argc, argv, "u:c:lLACwa:d:D:f:s:N", long_options, NULL);
data/kopanocore-8.7.0/ECtools/cfgchecker/cfg.cpp:56:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
char c = getopt_long(argc, argv, "l:u:s:g:i:m:p:a:c:d:h", long_options, NULL);
data/kopanocore-8.7.0/ECtools/dbadm.cpp:605:14: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "c:", nullptr, nullptr)) >= 0) {
data/kopanocore-8.7.0/ECtools/fsck/fsck.cpp:405:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "u:p:h:a:P", long_options, NULL);
data/kopanocore-8.7.0/ECtools/ibrule.cpp:603:54: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = ibr_passpr ? get_password("Login password: ") : getenv("IBR_PASSWORD");
data/kopanocore-8.7.0/ECtools/mapitime.cpp:541:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "p:s:u:vz:")) != -1) {
data/kopanocore-8.7.0/ECtools/oof.cpp:81:54: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = oof_passpr ? get_password("Login password: ") : getenv("OOF_PASSWORD");
data/kopanocore-8.7.0/ECtools/oof.cpp:85:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
oof_sslpass ? oof_sslpass : getenv("OOF_SSLKEY_PASSWORD");
data/kopanocore-8.7.0/ECtools/passwd/passwd.cpp:131:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
auto c = getopt_long(argc, argv, "u:Pp:h:o:Vv", long_options, NULL);
data/kopanocore-8.7.0/ECtools/stats/stats.cpp:581:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "h:u:d", long_options, NULL);
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:75:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *dir = getenv("KOPANO_CONFIG_PATH");
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:347:59: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
std::unique_ptr<char[], cstdlib_deleter> normalized_file(realpath(file.c_str(), nullptr));
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:539:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *szValue = getenv(lpsConfig.szValue + 1);
data/kopanocore-8.7.0/common/StatsClient.cpp:67:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *v = getenv(ssl ? "https_proxy" : "http_proxy");
data/kopanocore-8.7.0/common/StatsClient.cpp:71:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
v = getenv("no_proxy");
data/kopanocore-8.7.0/common/TimeUtil.cpp:199:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *s_tz = nullptr, *tz = getenv("TZ");
data/kopanocore-8.7.0/common/UnixUtil.cpp:453:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
auto s = getenv("KC_REEXEC_DONE");
data/kopanocore-8.7.0/common/UnixUtil.cpp:457:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("KC_ORIGINAL_PRELOAD");
data/kopanocore-8.7.0/common/UnixUtil.cpp:474:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("KC_AVOID_REEXEC") != nullptr)
data/kopanocore-8.7.0/common/UnixUtil.cpp:476:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
auto s = getenv("KC_REEXEC_DONE");
data/kopanocore-8.7.0/common/fileutil.cpp:155:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dummy = getenv("TMP");
data/kopanocore-8.7.0/common/fileutil.cpp:160:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dummy = getenv("TEMP");
data/kopanocore-8.7.0/common/platform.linux.cpp:123:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/kopanocore-8.7.0/common/stringutil.cpp:860:10: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt_long(argc, argv, shortopts, longopts, longind);
data/kopanocore-8.7.0/common/stringutil.cpp:870:8: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, shortopts, longopts, longind);
data/kopanocore-8.7.0/common/stringutil.cpp:885:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
if (getopt_long(argc, argv, shortopts, longopts, longind) != 0)
data/kopanocore-8.7.0/libsync/ECSyncSettings.cpp:16:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *env = getenv("KOPANO_SYNC_LOGLEVEL");
data/kopanocore-8.7.0/libsync/ECSyncSettings.cpp:25:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("KOPANO_STREAM_TIMEOUT");
data/kopanocore-8.7.0/libsync/ECSyncSettings.cpp:29:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("KOPANO_STREAM_BUFFERSIZE");
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:85:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *env = getenv("KOPANO_SOCKET");
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:172:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *env = getenv("MAPI_CONFIG_PATH");
data/kopanocore-8.7.0/provider/server/ECServer.cpp:603:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (*lib == '\0' || getenv("KC_AVOID_REEXEC") != nullptr ||
data/kopanocore-8.7.0/provider/server/ECServer.cpp:604:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv("KC_REEXEC_DONE") != nullptr)
data/kopanocore-8.7.0/provider/server/ECServer.cpp:614:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
auto s = getenv("LD_PRELOAD");
data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.cpp:221:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("KC_REEXEC_DONE") != nullptr)
data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.cpp:290:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("KC_REEXEC_DONE") != nullptr)
data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.cpp:333:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("KC_REEXEC_DONE") != nullptr)
data/kopanocore-8.7.0/spooler/DAgent.cpp:2511:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *lpEnvGDB = getenv("GDB");
data/kopanocore-8.7.0/spooler/PyMapiPlugin.cpp:292:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
auto lpEnvPython = getenv("PYTHONPATH");
data/kopanocore-8.7.0/tests/tbi.hpp:80:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *sock = getenv("KOPANO_SOCKET");
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:356:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char password[80] = {0};
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:741:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_buf[64] = {'\0'}, end_buf[64] = {'\0'};
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:819:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[64];
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:1914:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
isadmin = atoi(optarg);
data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.cpp:90:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_ulArchiveAfter = atoi(m_lpConfig->GetSetting("archive_after", "", "30"));
data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.cpp:94:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_ulDeleteAfter = atoi(m_lpConfig->GetSetting("delete_after", "", "0"));
data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.cpp:98:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_ulStubAfter = atoi(m_lpConfig->GetSetting("stub_after", "", "0"));
data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.cpp:101:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_ulPurgeAfter = atoi(m_lpConfig->GetSetting("purge_after", "", "2555"));
data/kopanocore-8.7.0/ECtools/archiver/ArchiveControlImpl.cpp:875:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefixData + 4, lpArchiveGuid, sizeof(GUID));
data/kopanocore-8.7.0/ECtools/archiver/ECArchiverLogger.cpp:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.cpp:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cBuffer[1024];
data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.cpp:57:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(fp = fopen(lpszConfigFile, "rt"))) {
data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.cpp:243:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (check->value1.empty() || atoi(check->value1.c_str()))
data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.cpp:375:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(check->value1.c_str()) < atoi(check->value2.c_str()))
data/kopanocore-8.7.0/ECtools/cfgchecker/ECConfigCheck.cpp:375:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(check->value1.c_str()) < atoi(check->value2.c_str()))
data/kopanocore-8.7.0/ECtools/ibrule.cpp:429:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a.lpStoreEntryId, store.c_str(), store.size());
data/kopanocore-8.7.0/ECtools/ibrule.cpp:430:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a.lpFldEntryId, folder.c_str(), folder.size());
data/kopanocore-8.7.0/ECtools/mapitime.cpp:264:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_scanfld->lpbin[0].lpb, inbox.get(), inbox_sz);
data/kopanocore-8.7.0/ECtools/mapitime.cpp:280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/kopanocore-8.7.0/ECtools/monitor/ECQuotaMonitor.cpp:419:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cBuffer[TEMPLATE_LINE_LENGTH];
data/kopanocore-8.7.0/ECtools/monitor/ECQuotaMonitor.cpp:467:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto fp = fopen(lpszTemplate, "rt");
data/kopanocore-8.7.0/ECtools/monitor/monitor.cpp:54:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulInterval = atoi(m_lpThreadMonitor->lpConfig->GetSetting("quota_check_interval", nullptr, "15"));
data/kopanocore-8.7.0/ECtools/monitor/monitor.cpp:100:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int new_ll = ll ? atoi(ll) : EC_LOGLEVEL_WARNING;
data/kopanocore-8.7.0/ECtools/oof.cpp:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[64];
data/kopanocore-8.7.0/ECtools/oof.cpp:178:42: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::unique_ptr<FILE, file_deleter> fp(fopen(oof_msgfile, "r"));
data/kopanocore-8.7.0/ECtools/scriptrun.cpp:69:14: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
auto ret = vfork();
data/kopanocore-8.7.0/ECtools/stats/stats.cpp:148:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[80];
data/kopanocore-8.7.0/ECtools/stats/stats.cpp:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[64];
data/kopanocore-8.7.0/ECtools/stats/stats.cpp:486:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32]; // must be at least 26 bytes
data/kopanocore-8.7.0/ECtools/storeadm.cpp:239:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&out, s.c_str(), s.size());
data/kopanocore-8.7.0/ECtools/storeadm.cpp:297:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(neweid, eid, eid_size);
data/kopanocore-8.7.0/ECtools/storeadm.cpp:298:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reinterpret_cast<unsigned char *>(neweid.get()) + eid_size - 4, url, url_len + 4);
data/kopanocore-8.7.0/caldav/CalDAV.cpp:87:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int new_ll = ll ? atoi(ll) : EC_LOGLEVEL_WARNING;
data/kopanocore-8.7.0/caldav/Http.cpp:322:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*ulDepth = atoi(strDepth.c_str());
data/kopanocore-8.7.0/caldav/Http.cpp:444:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulContLength = atoi(strLength.c_str());
data/kopanocore-8.7.0/caldav/Http.cpp:543:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lpstrLen[10];
data/kopanocore-8.7.0/caldav/Http.cpp:576:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szTime[32];
data/kopanocore-8.7.0/caldav/Http.cpp:674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lpszChar[128];
data/kopanocore-8.7.0/common/ECChannel.cpp:73:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto key_fh = fopen(key_file, "r");
data/kopanocore-8.7.0/common/ECChannel.cpp:80:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto cert_fh = fopen(cert_file, "r");
data/kopanocore-8.7.0/common/ECChannel.cpp:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/kopanocore-8.7.0/common/ECChannel.cpp:388:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuffer[4096];
data/kopanocore-8.7.0/common/ECChannel.cpp:568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256], serv[16];
data/kopanocore-8.7.0/common/ECChannel.cpp:578:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&peer_sockaddr, sa, slen);
data/kopanocore-8.7.0/common/ECChannel.cpp:587:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rspbuf[512];
data/kopanocore-8.7.0/common/ECChannel.cpp:630:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrbuf[512];
data/kopanocore-8.7.0/common/ECChannel.cpp:655:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RTA_DATA(rta), &ad.s6_addr[12], 4);
data/kopanocore-8.7.0/common/ECChannel.cpp:659:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RTA_DATA(rta), &ad, sizeof(ad));
data/kopanocore-8.7.0/common/ECChannel.cpp:666:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RTA_DATA(rta), &ad, sizeof(ad));
data/kopanocore-8.7.0/common/ECChannel.cpp:795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_string[sizeof("65535")];
data/kopanocore-8.7.0/common/ECChannel.cpp:1038:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oaddr, sk->ai_addr, arglen);
data/kopanocore-8.7.0/common/ECChannelClient.cpp:32:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_ulPort = atoi(GetServerPortFromPath(szPath).c_str());
data/kopanocore-8.7.0/common/ECChannelClient.cpp:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_string[sizeof("65536")];
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:163:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(m_szConfigFile, "rt");
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:343:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cBuffer[MAXLINELEN] = {0};
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:372:41: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::unique_ptr<FILE, file_deleter> fp(fopen(file.c_str(), "rt"));
data/kopanocore-8.7.0/common/ECConfigImpl.h:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256];
data/kopanocore-8.7.0/common/ECKeyTable.cpp:108:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ad, ak.c_str(), sizeof(double));
data/kopanocore-8.7.0/common/ECKeyTable.cpp:109:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bd, bk.c_str(), sizeof(double));
data/kopanocore-8.7.0/common/ECLogger.cpp:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pb[LOG_PFXSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:199:40: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fnOpen = reinterpret_cast<open_func>(&fopen);
data/kopanocore-8.7.0/common/ECLogger.cpp:251:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pb[LOG_PFXSIZE], el[LOG_LVLSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:294:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32] = { 0 };
data/kopanocore-8.7.0/common/ECLogger.cpp:327:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pb[LOG_PFXSIZE], el[LOG_LVLSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pb[LOG_PFXSIZE], el[LOG_LVLSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:373:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuffer[_LOG_BUFSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuffer[_LOG_BUFSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:503:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuffer[_LOG_BUFSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:551:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuffer[_LOG_BUFSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuffer[_LOG_BUFSIZE];
data/kopanocore-8.7.0/common/ECLogger.cpp:636:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_lpFileLogger->SetLoglevel(atoi(ll));
data/kopanocore-8.7.0/common/ECLogger.cpp:646:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[_LOG_BUFSIZE] = {0};
data/kopanocore-8.7.0/common/ECLogger.cpp:763:92: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
std::shared_ptr<ECLogger> lpPipeLogger(new(std::nothrow) ECLogger_Pipe(pipefds[1], child, atoi(lpConfig->GetSetting("log_level")))); // let destructor wait on child
data/kopanocore-8.7.0/common/ECLogger.cpp:866:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto test = fopen(log_file, "a");
data/kopanocore-8.7.0/common/ECLogger.cpp:948:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32] = { 0 };
data/kopanocore-8.7.0/common/ECMemStream.cpp:27:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpCurrent, buffer, ulDataLen);
data/kopanocore-8.7.0/common/ECMemStream.cpp:34:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpOriginal, buffer, ulDataLen);
data/kopanocore-8.7.0/common/ECMemStream.cpp:62:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, lpCurrent+ulPos, ulToRead);
data/kopanocore-8.7.0/common/ECMemStream.cpp:85:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpCurrent+ulPos, buffer, ulLen);
data/kopanocore-8.7.0/common/ECMemStream.cpp:100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpOriginal, lpCurrent, cbCurrent);
data/kopanocore-8.7.0/common/ECMemStream.cpp:113:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpCurrent, lpOriginal, cbOriginal);
data/kopanocore-8.7.0/common/SSLUtil.cpp:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16];
data/kopanocore-8.7.0/common/StatsClient.cpp:271:41: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::unique_ptr<FILE, file_deleter> fp(fopen("/etc/machine-id", "r"));
data/kopanocore-8.7.0/common/StatsClient.cpp:429:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[128] = { 0 };
data/kopanocore-8.7.0/common/StatsClient.cpp:452:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[128] = { 0 };
data/kopanocore-8.7.0/common/UnixUtil.cpp:136:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto fp = fopen(tunable, "r");
data/kopanocore-8.7.0/common/UnixUtil.cpp:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/kopanocore-8.7.0/common/UnixUtil.cpp:194:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto pidfile = fopen(pidfilename.c_str(), "r");
data/kopanocore-8.7.0/common/UnixUtil.cpp:201:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pidfile = fopen(tmp, "r");
data/kopanocore-8.7.0/common/UnixUtil.cpp:225:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pidfile = fopen(pidfilename.c_str(), "w");
data/kopanocore-8.7.0/common/UnixUtil.cpp:410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/kopanocore-8.7.0/common/charset/convert.cpp:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/kopanocore-8.7.0/common/charset/convert.cpp:209:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tocode, key.tocode, strlen(key.tocode) + 1);
data/kopanocore-8.7.0/common/charset/convert.cpp:218:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fromcode, key.fromcode, strlen(key.fromcode) + 1);
data/kopanocore-8.7.0/common/database.cpp:115:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cfg->GetSetting("mysql_database"), port != nullptr ? atoi(port) : 0,
data/kopanocore-8.7.0/common/database.cpp:195:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nullptr, port != nullptr ? atoi(port) : 0, socket, 0) == nullptr) {
data/kopanocore-8.7.0/common/fileutil.cpp:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufferin[BLOCKSIZE/2], bufferout[BLOCKSIZE+1];
data/kopanocore-8.7.0/common/fileutil.cpp:48:43: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
std::unique_ptr<FILE, file_deleter> fTmp(tmpfile());
data/kopanocore-8.7.0/common/fileutil.cpp:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BLOCKSIZE];
data/kopanocore-8.7.0/common/fileutil.cpp:119:44: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::unique_ptr<FILE, file_deleter> pfNew(fopen(strFileName.c_str(), "wb"));
data/kopanocore-8.7.0/common/include/kopano/ECChannel.h:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_atxt[256+16];
data/kopanocore-8.7.0/common/include/kopano/ECLogger.h:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prevmsg[_LOG_BUFSIZE];
data/kopanocore-8.7.0/common/platform.linux.cpp:59:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewGUID, &g, sizeof(g));
data/kopanocore-8.7.0/common/platform.linux.cpp:63:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewGUID, g, sizeof(g));
data/kopanocore-8.7.0/common/platform.linux.cpp:96:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/kopanocore-8.7.0/common/platform.linux.cpp:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char procdir[64];
data/kopanocore-8.7.0/common/rtfutil.cpp:186:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szCommand[RTF_MAXCMD];
data/kopanocore-8.7.0/common/rtfutil.cpp:420:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szCommand[RTF_MAXCMD];
data/kopanocore-8.7.0/common/rtfutil.cpp:699:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szCommand[RTF_MAXCMD];
data/kopanocore-8.7.0/common/stringutil.cpp:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[33];
data/kopanocore-8.7.0/common/stringutil.cpp:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[33];
data/kopanocore-8.7.0/common/stringutil.cpp:166:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t b[33];
data/kopanocore-8.7.0/common/stringutil.cpp:366:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[5];
data/kopanocore-8.7.0/common/stringutil.cpp:642:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char char_array_3[3], char_array_4[4];
data/kopanocore-8.7.0/common/stringutil.cpp:678:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char char_array_4[4], char_array_3[3];
data/kopanocore-8.7.0/common/stringutil.cpp:713:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[MD5_DIGEST_LENGTH];
data/kopanocore-8.7.0/gateway/Gateway.cpp:97:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int new_ll = ll ? atoi(ll) : EC_LOGLEVEL_WARNING;
data/kopanocore-8.7.0/gateway/Gateway.cpp:278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[256] = {0};
data/kopanocore-8.7.0/gateway/IMAP.cpp:792:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[IMAP_RESP_MAX + 1];
data/kopanocore-8.7.0/gateway/IMAP.cpp:1368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuffer[11];
data/kopanocore-8.7.0/gateway/IMAP.cpp:1771:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuffer[33];
data/kopanocore-8.7.0/gateway/IMAP.cpp:3311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuffer[IMAP_RESP_MAX + 1];
data/kopanocore-8.7.0/gateway/IMAP.cpp:4826:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuffer[31];
data/kopanocore-8.7.0/gateway/IMAP.h:53:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpb, lpData, cbData);
data/kopanocore-8.7.0/gateway/IMAP.h:64:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpb, old.lpb, cb);
data/kopanocore-8.7.0/gateway/IMAP.h:79:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpb, bin.lpb, bin.cb);
data/kopanocore-8.7.0/gateway/IMAP.h:96:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpb, b.lpb, cb);
data/kopanocore-8.7.0/gateway/IMAP.h:117:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpb, b.lpb, cb);
data/kopanocore-8.7.0/gateway/POP3.cpp:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[POP3_MAX_RESPONSE_LENGTH];
data/kopanocore-8.7.0/gateway/POP3.cpp:362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[POP3_MAX_RESPONSE_LENGTH];
data/kopanocore-8.7.0/gateway/POP3.cpp:388:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[POP3_MAX_RESPONSE_LENGTH];
data/kopanocore-8.7.0/gateway/POP3.cpp:412:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[POP3_MAX_RESPONSE_LENGTH];
data/kopanocore-8.7.0/gateway/POP3.cpp:537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[POP3_MAX_RESPONSE_LENGTH];
data/kopanocore-8.7.0/gateway/POP3.cpp:564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szResponse[POP3_MAX_RESPONSE_LENGTH];
data/kopanocore-8.7.0/gateway/POP3.cpp:757:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sMailListItem.sbEntryID.lpb, lpRows[i].lpProps[EID].Value.bin.lpb, lpRows[i].lpProps[EID].Value.bin.cb);
data/kopanocore-8.7.0/inetmapi/ECVMIMEUtils.cpp:354:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
smtpresult = atoi(e.response().substr(0, e.response().find_first_of(" ")).c_str());
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:1304:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str.get(), "X-Original-Mailer");
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:1362:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const priomap[3] = { "5 (Lowest)", "3 (Normal)", "1 (Highest)" }; // 2 and 4 cannot be set from outlook
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:1420:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096] = {0};
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:1422:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "???");
data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.cpp:559:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fe->abEntry, eid.get(), eid_size);
data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.cpp:572:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fl->abEntries + fl->cbEntries, fe.get(), CbFLATENTRY(fe));
data/kopanocore-8.7.0/inetmapi/inetmapi.cpp:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[IDLEN] = {0};
data/kopanocore-8.7.0/inetmapi/inetmapi.cpp:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[sizeof(in)];
data/kopanocore-8.7.0/inetmapi/tnef.cpp:319:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(szSClass.get(), lpBuffer, ulSize);
data/kopanocore-8.7.0/inetmapi/tnef.cpp:861:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sGuid, lpBuffer, sizeof(GUID));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1009:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.MVflt.lpflt[ulMVProp], lpBuffer, sizeof(float));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1011:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.flt, lpBuffer, sizeof(float));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1020:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.MVat.lpat[ulMVProp], lpBuffer, sizeof(double));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1022:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.at, lpBuffer, sizeof(double));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1030:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.MVdbl.lpdbl[ulMVProp], lpBuffer, sizeof(double));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1032:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.dbl, lpBuffer, sizeof(double));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1105:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpProp->Value.MVszA.lppszA[ulMVProp], lpBuffer, ulLen);
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1111:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpProp->Value.lpszA, lpBuffer, ulLen);
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1207:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.MVguid.lpguid[ulMVProp], lpBuffer, sizeof(GUID));
data/kopanocore-8.7.0/inetmapi/tnef.cpp:1720:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/kopanocore-8.7.0/libfreebusy/freebusyutil.cpp:469:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fbd.lpbin[iMonth].lpb+fbd.lpbin[iMonth].cb, &fbEvent, sizeof(sfbEvent));
data/kopanocore-8.7.0/libfreebusy/freebusyutil.cpp:494:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fbd.lpbin[iMonth].lpb + fbd.lpbin[iMonth].cb, &fbEvent, sizeof(sfbEvent));
data/kopanocore-8.7.0/libfreebusy/freebusyutil.cpp:519:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fbd.lpbin[iMonth].lpb + fbd.lpbin[iMonth].cb, &fbEvent, sizeof(sfbEvent));
data/kopanocore-8.7.0/libicalmapi/mapitovcf.cpp:89:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[21];
data/kopanocore-8.7.0/libicalmapi/vconverter.cpp:427:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(strHexDate,"%04x%02x%02x", icTime.year, icTime.month, icTime.day);
data/kopanocore-8.7.0/libicalmapi/vconverter.cpp:1215:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sPropVal.Value.ft = UnixTimeToFileTime(atoi(strSuffix.c_str()));
data/kopanocore-8.7.0/librosie/test.cpp:11:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(argv[1], "r");
data/kopanocore-8.7.0/libsync/ECSyncContext.cpp:570:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpServerUid, ptrServerUid->Value.bin.lpb, sizeof *lpServerUid);
data/kopanocore-8.7.0/libsync/ECSyncContext.cpp:606:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpServerUid, ptrServerUid->Value.bin.lpb, sizeof *lpServerUid);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:253:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ssltest = fopen(sslkey_file, "r");
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:629:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpByte, lpszEmailType, sizeEmailType);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:631:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpByte + sizeEmailType + 1, lpszEmail, sizeEmail);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1750:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData, strData.data(), strData.size());
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1878:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryID, ((LPBYTE)lpOrigEntry)+cbRemove, cbOrigEntry - cbRemove);
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:55:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpsColumns->aulPropTag, &lpsPropTags->aulPropTag, lpsPropTags->cValues * sizeof(ULONG));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:472:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin.lpb, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:474:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin.lpb + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:487:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin.lpb, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:489:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin.lpb + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:529:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpsPropTags->aulPropTag, &lpPropTagArray->aulPropTag, lpPropTagArray->cValues * sizeof(ULONG));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:577:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpsPropTagArray->aulPropTag, &lpsPropTags->aulPropTag, sizeof(ULONG) * lpsPropTags->cValues);
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:806:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsSortOrderSet, lpSortCriteria, CbSSortOrderSet(lpSortCriteria));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:978:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prop.Value.bin.lpb, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/m4lcommon/ECMemTable.cpp:980:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prop.Value.bin.lpb + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/m4lcommon/RecurrenceState.cpp:96:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData, m_strData.c_str(), m_strData.size());
data/kopanocore-8.7.0/m4lcommon/Util.cpp:294:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest, lpSrc, sizeof(SPropValue));
data/kopanocore-8.7.0/m4lcommon/Util.cpp:370:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.bin.lpb, lpSrc->Value.bin.lpb, lpSrc->Value.bin.cb);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.lpguid, lpSrc->Value.lpguid, sizeof(GUID));
data/kopanocore-8.7.0/m4lcommon/Util.cpp:420:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVi.lpi, lpSrc->Value.MVi.lpi, sizeof(short int) * lpSrc->Value.MVi.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:427:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVl.lpl, lpSrc->Value.MVl.lpl, sizeof(LONG) * lpSrc->Value.MVl.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:434:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVflt.lpflt, lpSrc->Value.MVflt.lpflt, sizeof(float) * lpSrc->Value.MVflt.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:442:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVdbl.lpdbl, lpSrc->Value.MVdbl.lpdbl, sizeof(double) * lpSrc->Value.MVdbl.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:449:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVli.lpli, lpSrc->Value.MVli.lpli, sizeof(LONGLONG) * lpSrc->Value.MVli.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVcur.lpcur, lpSrc->Value.MVcur.lpcur, sizeof(CURRENCY) * lpSrc->Value.MVcur.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:463:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVft.lpft, lpSrc->Value.MVft.lpft, sizeof(FILETIME) * lpSrc->Value.MVft.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:475:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVszA.lppszA[i], lpSrc->Value.MVszA.lppszA[i], datalength);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:499:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVbin.lpbin[i].lpb, lpSrc->Value.MVbin.lpbin[i].lpb, lpSrc->Value.MVbin.lpbin[i].cb);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:508:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->Value.MVguid.lpguid, lpSrc->Value.MVguid.lpguid, sizeof(GUID) * lpSrc->Value.MVguid.cValues);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:723:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->actMoveCopy.lpStoreEntryId, lpSrc->actMoveCopy.lpStoreEntryId, lpSrc->actMoveCopy.cbStoreEntryId);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:728:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->actMoveCopy.lpFldEntryId, lpSrc->actMoveCopy.lpFldEntryId, lpSrc->actMoveCopy.cbFldEntryId);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:736:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->actReply.lpEntryId, lpSrc->actReply.lpEntryId, lpSrc->actReply.cbEntryId);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:744:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->actDeferAction.pbData, lpSrc->actDeferAction.pbData, lpSrc->actDeferAction.cbData);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:824:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptrPropTagArray->aulPropTag, lpSrc->aulPropTag, lpSrc->cValues * sizeof *lpSrc->aulPropTag);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:877:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest, lpSrc, ulSize);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1460:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[16];
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1465:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[16];
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1660:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE];
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE];
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1965:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[12];
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1992:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[12];
data/kopanocore-8.7.0/m4lcommon/Util.cpp:2767:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpNewProblems->aProblem, lpOrigProblems->aProblem, sizeof(SPropProblem) * lpOrigProblems->cProblem);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:2771:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpNewProblems->aProblem[lpNewProblems->cProblem -1], lpProblem, sizeof(SPropProblem));
data/kopanocore-8.7.0/m4lcommon/Util.cpp:2948:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpTempSPropTagArray->aulPropTag, lpSPropTagArray->aulPropTag, lpSPropTagArray->cValues * sizeof *lpSPropTagArray->aulPropTag);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:3036:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpIncludeProps, inclprop, CbNewSPropTagArray(inclprop->cValues));
data/kopanocore-8.7.0/m4lcommon/Util.cpp:3654:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*lppEntryID, lpPos, usLen);
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1724:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszLabelName[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1735:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszCharsAllowed[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1756:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszCharsAllowed[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1774:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszLabel[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1786:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszLabel[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1798:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszLabel[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1810:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszLabel[n]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1811:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszComponent[n1]; \
data/kopanocore-8.7.0/mapi4linux/include/mapidefs.h:1824:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszLabel[n]; \
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:105:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto fp = fopen(filename, "r");
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cBuffer[MAXLINELEN] = {0};
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/kopanocore-8.7.0/mapi4linux/src/mapidefs.cpp:839:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&muidEntry, (LPBYTE)lpEntryID + 4, sizeof(MAPIUID));
data/kopanocore-8.7.0/mapi4linux/src/mapispi.cpp:48:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsProviderUID.get(), lpUid, sizeof(MAPIUID));
data/kopanocore-8.7.0/mapi4linux/src/mapispi.cpp:80:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpNewKey, lpKey, sizeof(*lpKey));
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:75:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*lppWrappedEntry)->ab, &muidStoreWrap, sizeof(GUID));
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((BYTE*)*lppWrappedEntry)+4+sizeof(GUID)+2+cbDLLName+cbPad, lpOrigEntry, cbOrigEntry);
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ulReserved1, ftTime[5];
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:314:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ci->ftTime, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:323:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbConvIndex, lpbParent, cbParent);
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:326:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&parent.dwLowDateTime, &ci->ftTime, sizeof(DWORD));
data/kopanocore-8.7.0/mapi4linux/src/mapiutil.cpp:333:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbConvIndex + sizeof(CONVERSATION_INDEX), &diff.dwLowDateTime, 4);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:888:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sProviderUID, lpsRows[0].lpProps[1].Value.bin.lpb, sizeof(MAPIUID));
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1052:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidProvider, &lpEntryID->ab, sizeof(GUID));
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1251:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryID, lpProp->Value.bin.lpb, lpProp->Value.bin.cb);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1340:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry.muid, lpUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1626:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpNewProps[0].Value.bin.lpb, lpOneEntryID, cbOneEntryID);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:1823:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryID, lpProp->Value.bin.lpb, cbEntryID);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:2429:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pv->Value.lpszA, &*m_input, z);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:2430:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pv->Value.lpszA[z], L"", sizeof(wchar_t));
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:2445:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pv->Value.bin.lpb, &*m_input, pv->Value.bin.cb);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:2616:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*dst, src, z);
data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp:73:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest, lpSrc, len);
data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp:80:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpBuffer.get(), lpPrebuf, prebufSize);
data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest, &lpBuffer[prebufSize], len);
data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp:138:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hdr->ulMagic, "MELA", 4);
data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp:140:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst[sizeof(*hdr)], src, src_size);
data/kopanocore-8.7.0/php-ext/main.cpp:239:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(perf_measure_file, "a+");
data/kopanocore-8.7.0/php-ext/main.cpp:877:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szProfName[MAX_PATH];
data/kopanocore-8.7.0/php-ext/main.cpp:3664:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:197:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpSortOrderSet->aSort[i].ulPropTag = atoi(key);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:483:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpPropValue[cvalues].Value.MVguid.lpguid[h++], dataEntry[0]->value.str.val, sizeof(GUID));
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:555:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpActions->lpAction[j].actMoveCopy.lpStoreEntryId, dataEntry[0]->value.str.val, dataEntry[0]->value.str.len);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:566:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpActions->lpAction[j].actMoveCopy.lpFldEntryId, dataEntry[0]->value.str.val, dataEntry[0]->value.str.len);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:580:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpActions->lpAction[j].actReply.lpEntryId, dataEntry[0]->value.str.val, dataEntry[0]->value.str.len);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:590:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpActions->lpAction[j].actReply.guidReplyTemplate, dataEntry[0]->value.str.val, sizeof(GUID));
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:604:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpActions->lpAction[j].actDeferAction.pbData, dataEntry[0]->value.str.val, dataEntry[0]->value.str.len);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpProp->Value.bin.lpb, valueEntry[0]->value.str.val, valueEntry[0]->value.str.len);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1137:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpProp->Value.lpguid, valueEntry[0]->value.str.val, sizeof(GUID));
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[16];
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1292:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", c);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1307:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", c);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1337:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", VALUE);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1339:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1341:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", FUZZYLEVEL);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1354:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RELOP);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1356:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1358:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", VALUE);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1368:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RELOP);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1370:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1372:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG2);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1382:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULTYPE);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1384:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1386:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULMASK);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1396:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RELOP);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1398:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1400:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", CB);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1410:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1424:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1426:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RESTRICTION);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1443:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", PROPS);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1445:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RESTRICTION);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1497:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ulKey[16];
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1508:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pulproptag[16];
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1519:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pulproptag, "%i",PropTagToPHPTag(pPropValue->ulPropTag));
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1586:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1597:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1608:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1619:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1630:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1641:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1652:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1664:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1675:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1686:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1753:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1814:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(pvalEntry, "sourcekey", (char *)lpReadStates[i].pbSourceKey, lpReadStates[i].cbSourceKey, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1868:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpReadStates[n].pbSourceKey, valueEntry[0]->value.str.val, valueEntry[0]->value.str.len);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1930:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpGUIDs[n++], pentry->value.str.val, sizeof(GUID));
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1961:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(zvalNotif, "entryid", (char *)lpNotifs[i].info.newmail.lpEntryID, lpNotifs[i].info.newmail.cbEntryID, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1962:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(zvalNotif, "parentid", (char *)lpNotifs[i].info.newmail.lpParentID, lpNotifs[i].info.newmail.cbParentID, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1964:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_string(zvalNotif, "messageclass", (char *)lpNotifs[i].info.newmail.lpszMessageClass, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1974:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(zvalNotif, "entryid", (char *)lpNotifs[i].info.obj.lpEntryID, lpNotifs[i].info.obj.cbEntryID, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1977:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(zvalNotif, "parentid", (char *)lpNotifs[i].info.obj.lpParentID, lpNotifs[i].info.obj.cbParentID, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1979:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(zvalNotif, "oldid", (char *)lpNotifs[i].info.obj.lpOldID, lpNotifs[i].info.obj.cbOldID, 1);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1981:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(zvalNotif, "oldparentid", (char *)lpNotifs[i].info.obj.lpOldParentID, lpNotifs[i].info.obj.cbOldParentID, 1);
data/kopanocore-8.7.0/php7-ext/main.cpp:252:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(perf_measure_file, "a+");
data/kopanocore-8.7.0/php7-ext/main.cpp:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szProfName[MAX_PATH];
data/kopanocore-8.7.0/php7-ext/main.cpp:3603:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:183:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpSortOrderSet->aSort[i].ulPropTag = atoi(key->val);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:472:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpPropValue[cvalues].Value.MVguid.lpguid[h++], dataEntry->value.str->val, sizeof(GUID));
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:587:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpActions->lpAction[j].actReply.guidReplyTemplate, dataEntry->value.str->val, sizeof(GUID));
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[16];
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1298:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", c);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1311:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", c);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1339:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", VALUE);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1341:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1343:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", FUZZYLEVEL);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1355:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RELOP);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1357:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1359:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", VALUE);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1368:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RELOP);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1370:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG1);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1372:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG2);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1381:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULTYPE);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1383:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1385:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULMASK);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1394:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RELOP);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1396:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1398:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", CB);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1407:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1419:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", ULPROPTAG);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1421:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RESTRICTION);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1436:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", PROPS);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1438:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "%i", RESTRICTION);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ulKey[16];
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1492:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pulproptag[16];
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1503:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pulproptag, "%i",PropTagToPHPTag(pPropValue->ulPropTag));
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1569:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1579:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1589:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1599:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1609:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1619:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1629:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1640:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1650:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1660:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1725:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ulKey, "%i", j);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1776:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&pvalEntry, "sourcekey", (char *)lpReadStates[i].pbSourceKey, lpReadStates[i].cbSourceKey);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1887:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpGUIDs[n++], pentry->value.str->val, sizeof(GUID));
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1915:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&zvalNotif, "entryid", (char *)lpNotifs[i].info.newmail.lpEntryID, lpNotifs[i].info.newmail.cbEntryID);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1916:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&zvalNotif, "parentid", (char *)lpNotifs[i].info.newmail.lpParentID, lpNotifs[i].info.newmail.cbParentID);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1918:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_string(&zvalNotif, "messageclass", (char *)lpNotifs[i].info.newmail.lpszMessageClass);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1928:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&zvalNotif, "entryid", (char *)lpNotifs[i].info.obj.lpEntryID, lpNotifs[i].info.obj.cbEntryID);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1931:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&zvalNotif, "parentid", (char *)lpNotifs[i].info.obj.lpParentID, lpNotifs[i].info.obj.cbParentID);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1933:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&zvalNotif, "oldid", (char *)lpNotifs[i].info.obj.lpOldID, lpNotifs[i].info.obj.cbOldID);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1935:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_assoc_stringl(&zvalNotif, "oldparentid", (char *)lpNotifs[i].info.obj.lpOldParentID, lpNotifs[i].info.obj.cbOldParentID);
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szTime[255];
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:604:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryId, &eid, sizeof(eid));
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:137:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:428:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpABeid, lpEntryID, sizeof(ABEID));
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:440:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpABeid.guid, &MUIDECSAB, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:665:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, lpProp->m_lpEntryId, lpsPropValue->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:705:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValDst->Value.bin.lpb, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECExchangeExportChanges.cpp:419:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szDuration[64] = {0};
data/kopanocore-8.7.0/provider/client/ECGenericProp.cpp:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, lpProp->m_lpEntryId, lpProp->m_cbEntryId);
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:137:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, &lpProp->GetMsgStore()->GetStoreGuid(), sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:170:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, lpWrapped, cbWrapped);
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:179:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, &lpMsgStore->m_guidMDB_Provider, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:199:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, lpProp->m_lpParentID, lpProp->m_cbParentID);
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:213:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, &sServerGuid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:273:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValDst->Value.bin.lpb, lpWrapped, cbWrapped);
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:307:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValDst->Value.bin.lpb, &lpMsgStore->GetStoreGuid(), sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:316:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValDst->Value.bin.lpb, &lpMsgStore->m_guidMDB_Provider, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:610:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrPerms[cPerms], lpNewPerms, cNewPerms * sizeof(ECPERMISSION));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:617:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptrTmpPerms, ptrPerms, cPerms * sizeof(ECPERMISSION));
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:618:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptrTmpPerms + cPerms, lpNewPerms, cNewPerms * sizeof(ECPERMISSION));
data/kopanocore-8.7.0/provider/client/ECMAPITable.cpp:146:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m_lpSetColumns->aulPropTag, &lpPropTagArray->aulPropTag, lpPropTagArray->cValues * sizeof(ULONG));
data/kopanocore-8.7.0/provider/client/ECMAPITable.cpp:297:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpSortCriteria, lpsSortOrderSet, CbSSortOrderSet(lpsSortOrderSet));
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:107:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidMDBProvider, lpsPropArray[0].Value.bin.lpb, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:116:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidMDBProvider, &KOPANO_STORE_DELEGATE_GUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:118:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidMDBProvider, &KOPANO_STORE_PUBLIC_GUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:120:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidMDBProvider, &KOPANO_STORE_ARCHIVE_GUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:126:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidMDBProvider, &KOPANO_SERVICE_GUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMSProvider.cpp:198:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guidMDBProvider, lpsPropArray[0].Value.bin.lpb, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:664:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptrPropTagArrayMod->aulPropTag, ptrPropTagArray->aulPropTag, sizeof(*ptrPropTagArrayMod->aulPropTag) * ptrPropTagArrayMod->cValues);
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:1872:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, lpMessage->m_lpParentID, lpsPropValue->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:1942:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, result.c_str(), ulSize);
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:1981:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.lpszA, lpData, ulSize);
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:2335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szRtfBuf[64] = {0};
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:2364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lpBuf[4096];
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:467:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValDst->Value.bin.lpb, lpWrapped, cbWrapped);
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:936:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, lpWrapped, cbWrapped);
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:949:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropValue->Value.bin.lpb, &lpStore->GetStoreGuid(), sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1336:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpFBPropValue->Value.MVbin.lpbin[3].lpb, lpPropValue->Value.bin.lpb, lpPropValue->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1377:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpFBPropValue->Value.MVbin.lpbin[1].lpb, lpPropValue->Value.bin.lpb, lpPropValue->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1413:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpFBPropValue->Value.MVbin.lpbin[0].lpb, lpPropValue->Value.bin.lpb, lpPropValue->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1824:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpecMsgStore->m_guidMDB_Provider, &KOPANO_SERVICE_GUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:1826:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpecMsgStore->m_guidMDB_Provider, &KOPANO_STORE_PUBLIC_GUID, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/ECMsgStorePublic.cpp:416:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpProps[cProps].Value.bin.lpb, &ulRowId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/client/ECMsgStorePublic.cpp:506:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpProps[cProps].Value.bin.lpb, &ulRowId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/client/ECNamedProp.cpp:318:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpName->lpguid, &sLocalNames[i].guid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECNamedProp.cpp:381:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->lpguid, lpSrc->lpguid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECNotifyClient.cpp:159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pEcAdvise->guid, lpKeySupport->ab, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECNotifyClient.cpp:359:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->second->lpKey, lpKey, cbKey);
data/kopanocore-8.7.0/provider/client/ECNotifyClient.cpp:437:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpNotifs[i++], *iterNotification, sizeof(NOTIFICATION));
data/kopanocore-8.7.0/provider/client/ECNotifyClient.cpp:454:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpKey->ab, &iterAdvise->second->guid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECNotifyClient.cpp:509:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpSyncStates->lpbin[lpSyncStates->cValues++], *iterSyncStates, sizeof *lpSyncStates->lpbin);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:199:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.bin.lpb, lpsProp->Value.bin.lpb, lpsProp->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:228:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.lpguid, lpsProp->Value.lpguid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:249:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVi.lpi, lpsProp->Value.MVi.lpi, lpsProp->Value.MVi.cValues * sizeof(short int));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:266:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVl.lpl, lpsProp->Value.MVl.lpl, lpsProp->Value.MVl.cValues * sizeof(int));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:283:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVflt.lpflt, lpsProp->Value.MVflt.lpflt, lpsProp->Value.MVflt.cValues * sizeof(float));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:300:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVdbl.lpdbl, lpsProp->Value.MVdbl.lpdbl, lpsProp->Value.MVdbl.cValues * sizeof(double));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:317:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVcur.lpcur, lpsProp->Value.MVcur.lpcur, lpsProp->Value.MVcur.cValues * sizeof(CURRENCY));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:334:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVat.lpat, lpsProp->Value.MVat.lpat, lpsProp->Value.MVat.cValues * sizeof(double));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVft.lpft, lpsProp->Value.MVft.lpft, lpsProp->Value.MVft.cValues * sizeof(FILETIME));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:387:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVbin.lpbin[i].lpb, lpsProp->Value.MVbin.lpbin[i].lpb, lpsProp->Value.MVbin.lpbin[i].cb);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:409:43: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Value.MVszW.lppszW = new(std::nothrow) wchar_t *[lpsProp->Value.MVszA.cValues];
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:450:43: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Value.MVszW.lppszW = new(std::nothrow) wchar_t *[lpsProp->Value.MVszW.cValues];
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:488:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVguid.lpguid, lpsProp->Value.MVguid.lpguid, sizeof(GUID) * lpsProp->Value.MVguid.cValues);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:505:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Value.MVli.lpli, lpsProp->Value.MVli.lpli, lpsProp->Value.MVli.cValues * sizeof(LARGE_INTEGER));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:601:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpsProp->Value, &Value, sizeof(union __UPV));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:656:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpBin, Value.bin.lpb, Value.bin.cb);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:692:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpGUID, Value.lpguid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:707:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpShort, Value.MVi.lpi, Value.MVi.cValues * sizeof(short int));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:719:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpLong, Value.MVl.lpl, Value.MVl.cValues * sizeof(LONG));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:731:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpFloat, Value.MVflt.lpflt, Value.MVflt.cValues * sizeof(float));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:743:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDouble, Value.MVdbl.lpdbl, Value.MVdbl.cValues * sizeof(double));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:755:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpCurrency, Value.MVcur.lpcur, Value.MVcur.cValues * sizeof(CURRENCY));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:767:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpApptime, Value.MVat.lpat, Value.MVat.cValues * sizeof(double));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:779:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpFiletime, Value.MVft.lpft, Value.MVft.cValues * sizeof(FILETIME));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:801:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsProp->Value.MVbin.lpbin[i].lpb, Value.MVbin.lpbin[i].lpb, lpsProp->Value.MVbin.lpbin[i].cb);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:853:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpGuid, Value.MVguid.lpguid, sizeof(GUID) * Value.MVguid.cValues);
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:866:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpLarge, Value.MVli.lpli, Value.MVli.cValues * sizeof(LARGE_INTEGER));
data/kopanocore-8.7.0/provider/client/ProviderUtil.cpp:148:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpMsgStore->m_guidMDB_Provider, lpguidMDBProvider,sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/client/WSTableView.cpp:107:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m_lpsPropTagArray->aulPropTag, &lpsPropTagArray->aulPropTag, sizeof(ULONG) * lpsPropTagArray->cValues);
data/kopanocore-8.7.0/provider/client/WSTableView.cpp:171:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lpsSortOrderSet, lpsSortOrderSet, CbSSortOrderSet(lpsSortOrderSet));
data/kopanocore-8.7.0/provider/client/WSTableView.cpp:511:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m_lpsPropTagArray->aulPropTag, &lpsPropTagArray->aulPropTag, sizeof(ULONG) * lpsPropTagArray->cValues);
data/kopanocore-8.7.0/provider/client/WSTableView.cpp:532:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lpsSortOrderSet, lpsSortOrderSet, CbSSortOrderSet(lpsSortOrderSet));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:334:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srv_guid, resp.sServerGuid.__ptr, sizeof(*srv_guid));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:401:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsServerGuid, resp.sServerGuid.__ptr, sizeof(*lpsServerGuid));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:815:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sNotification.newmail->lpszMessageClass, strMessageClass.c_str(), ulSize);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1072:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sNamedProps.__ptr[i].lpguid->__ptr = (unsigned char *)lppPropNames[i]->lpguid;
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1098:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*lpServerIDs, sResponse.lpsPropTags.__ptr, sizeof(ULONG) * sResponse.lpsPropTags.__size);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1144:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lppNames[i]->lpguid, sResponse.lpsNames.__ptr[i].lpguid->__ptr, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1156:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lppNames[i]->Kind.lpwstrName, strNameW.c_str(), (strNameW.size() + 1) * sizeof(WCHAR)); // Also copy the trailing '\0'
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1224:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsRowSet->aRow[i].lpProps[RFT_INST_KEY].Value.bin.lpb, &ulRowId, sizeof(ulRowId));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1232:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsRowSet->aRow[i].lpProps[RFT_ENTRYID].Value.bin.lpb, sReceiveFolders.sFolderArray.__ptr[i].sEntryId.__ptr, lpsRowSet->aRow[i].lpProps[RFT_ENTRYID].Value.bin.cb);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1241:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsRowSet->aRow[i].lpProps[RFT_RECORD_KEY].Value.bin.lpb, sReceiveFolders.sFolderArray.__ptr[i].sEntryId.__ptr, lpsRowSet->aRow[i].lpProps[RFT_RECORD_KEY].Value.bin.cb);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1249:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsRowSet->aRow[i].lpProps[RFT_MSG_CLASS].Value.lpszW, unicode.c_str(), (unicode.length()+1)*sizeof(WCHAR));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1256:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsRowSet->aRow[i].lpProps[RFT_MSG_CLASS].Value.lpszA, sReceiveFolders.sFolderArray.__ptr[i].lpszAExplicitClass, nLen);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3462:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpszServerPath, lpCachedResult->serverPath.c_str(), ulLen);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3498:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpszServerPath, sResponse.lpszServerPath, ulLen);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3583:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges[i].sSourceKey.lpb, sResponse.sChangesArray.__ptr[i].sSourceKey.__ptr, sResponse.sChangesArray.__ptr[i].sSourceKey.__size);
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3592:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges[i].sParentSourceKey.lpb, sResponse.sChangesArray.__ptr[i].sParentSourceKey.__ptr, sResponse.sChangesArray.__ptr[i].sParentSourceKey.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:108:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.bin->__ptr, sp->Value.lpguid, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:120:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.bin->__ptr, sp->Value.bin.lpb, sp->Value.bin.cb);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:126:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvi.__ptr, sp->Value.MVi.lpi, sizeof(short int) * dp->Value.mvi.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:132:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvl.__ptr, sp->Value.MVl.lpl, sizeof(unsigned int) * dp->Value.mvl.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvflt.__ptr, sp->Value.MVflt.lpflt, sizeof(float) * dp->Value.mvflt.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:144:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvdbl.__ptr, sp->Value.MVdbl.lpdbl, sizeof(double) * dp->Value.mvdbl.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvdbl.__ptr, sp->Value.MVat.lpat, sizeof(double) * dp->Value.mvdbl.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:183:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvbin.__ptr[i].__ptr, sp->Value.MVbin.lpbin[i].lpb, dp->Value.mvbin.__ptr[i].__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:223:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.mvbin.__ptr[i].__ptr, &sp->Value.MVguid.lpguid[i], dp->Value.mvbin.__ptr[i].__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:260:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->act.moveCopy.store.__ptr, sa->actMoveCopy.lpStoreEntryId, sa->actMoveCopy.cbStoreEntryId);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:264:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->act.moveCopy.folder.__ptr, sa->actMoveCopy.lpFldEntryId, sa->actMoveCopy.cbFldEntryId);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:272:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->act.reply.message.__ptr, sa->actReply.lpEntryId, sa->actReply.cbEntryId);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:276:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->act.reply.guid.__ptr, &sa->actReply.guidReplyTemplate, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:282:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->act.defer.bin.__ptr,sa->actDeferAction.pbData, sa->actDeferAction.cbData);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:410:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.lpguid, sp->Value.bin->__ptr, sp->Value.bin->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:426:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.bin.lpb, sp->Value.bin->__ptr, sp->Value.bin->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:440:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.MVi.lpi, sp->Value.mvi.__ptr, sizeof(short int)*dp->Value.MVi.cValues);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:453:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.MVl.lpl, sp->Value.mvl.__ptr, sizeof(unsigned int)*dp->Value.MVl.cValues);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:466:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.MVflt.lpflt, sp->Value.mvflt.__ptr, sizeof(float)*dp->Value.MVflt.cValues);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:479:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.MVdbl.lpdbl, sp->Value.mvdbl.__ptr, sizeof(double)*dp->Value.MVdbl.cValues);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:508:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.MVat.lpat, sp->Value.mvdbl.__ptr, sizeof(double)*dp->Value.MVat.cValues);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:547:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->Value.MVbin.lpbin[i].lpb, sp->Value.mvbin.__ptr[i].__ptr, dp->Value.MVbin.lpbin[i].cb);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:624:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dp->Value.MVguid.lpguid[i], sp->Value.mvbin.__ptr[i].__ptr, sizeof(GUID));
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:687:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->actMoveCopy.lpStoreEntryId, sa->act.moveCopy.store.__ptr, sa->act.moveCopy.store.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:692:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->actMoveCopy.lpFldEntryId, sa->act.moveCopy.folder.__ptr, sa->act.moveCopy.folder.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:700:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->actReply.lpEntryId, sa->act.reply.message.__ptr, sa->act.reply.message.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:703:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&da->actReply.guidReplyTemplate, sa->act.reply.guid.__ptr, sa->act.reply.guid.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:710:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->actDeferAction.pbData, sa->act.defer.bin.__ptr,sa->act.defer.bin.__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:836:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDest->__ptr, lpEntryIdSrc, cbEntryIdSrc);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:858:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryId, lpSrc->__ptr, lpSrc->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:910:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsEntryList->__ptr[i].__ptr, lpMsgList->lpbin[i].lpb, lpMsgList->lpbin[i].cb);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:944:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpMsgList->lpbin[i].lpb, lpsEntryList->__ptr[i].__ptr, lpsEntryList->__ptr[i].__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1396:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropTagArray->aulPropTag, lpsPropTagArray->__ptr, sizeof(unsigned int)*lpsPropTagArray->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1414:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*lppszTString, strDest.c_str(), strDest.length());
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1436:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*lppszUtf8, strDest.c_str(), cbDest);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1961:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpStoreID, lpsStoreId->__ptr, lpsStoreId->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1999:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpUnWrapStoreID, lpWrapStoreID, ulSize-4);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2035:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpUnWrapABID, lpWrapABID, ulSize-4);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2073:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst.lpszMessageClass, lpSrc->newmail->lpszMessageClass, nLen);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2115:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin.lpb, lpSrc->tab->propIndex.Value.bin->__ptr, lpSrc->tab->propIndex.Value.bin->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2127:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin.lpb, lpSrc->tab->propPrior.Value.bin->__ptr, lpSrc->tab->propPrior.Value.bin->__size);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2183:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpSBinary->lpb, lpSrc->ics->pSyncState->__ptr, lpSBinary->cb);
data/kopanocore-8.7.0/provider/client/epclient.cpp:351:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&d.abe_id->guid, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/common/SOAPAlloc.h:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, str, len);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:154:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPTsDst->__ptr, lpPTsSrc->__ptr, sizeof(unsigned int) * lpPTsSrc->__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:987:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.bin->__ptr, lpSrc->Value.bin->__ptr, lpDst->Value.bin->__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:994:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvi.__ptr, lpSrc->Value.mvi.__ptr, sizeof(short int) * lpDst->Value.mvi.__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1001:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvl.__ptr, lpSrc->Value.mvl.__ptr, sizeof(unsigned int) * lpDst->Value.mvl.__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1008:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvflt.__ptr, lpSrc->Value.mvflt.__ptr, sizeof(float) * lpDst->Value.mvflt.__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1016:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvdbl.__ptr, lpSrc->Value.mvdbl.__ptr, sizeof(double) * lpDst->Value.mvdbl.__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1023:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvli.__ptr, lpSrc->Value.mvli.__ptr, sizeof(LONG64) * lpDst->Value.mvli.__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1031:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvhilo.__ptr, lpSrc->Value.mvhilo.__ptr, sizeof(hiloLong) * lpDst->Value.mvhilo.__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1058:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->Value.mvbin.__ptr[i].__ptr, lpSrc->Value.mvbin.__ptr[i].__ptr, lpSrc->Value.mvbin.__ptr[i].__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1268:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->__ptr, lpSrc->__ptr, lpSrc->__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1291:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpDst->__ptr[i].__ptr, lpSrc->__ptr[i].__ptr, lpSrc->__ptr[i].__size);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1395:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rNotifyTo.newmail->lpszMessageClass, lpNotification->newmail->lpszMessageClass, nLen);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1459:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpRightsArrayDst->__ptr[i].sUserId.__ptr, lpRightsArraySrc->__ptr[i].sUserId.__ptr, lpRightsArraySrc->__ptr[i].sUserId.__size);
data/kopanocore-8.7.0/provider/common/pcuser.cpp:21:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objclass = (objectclass_t)atoi(std::string(str, 0, pos).c_str());
data/kopanocore-8.7.0/provider/common/pcuser.cpp:43:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return item == m_mapProps.cend() ? 0 : atoi(item->second.c_str());
data/kopanocore-8.7.0/provider/common/pcuser.cpp:49:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return item == m_mapProps.cend() ? false : atoi(item->second.c_str());
data/kopanocore-8.7.0/provider/common/pcutil.cpp:69:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpguidStore, &peid->guid, sizeof(GUID));
data/kopanocore-8.7.0/provider/common/pcutil.cpp:166:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guidServer, reinterpret_cast<const BYTE *>(lpInstanceEid) + SIZEOF_SIEID_FIXED, sizeof(GUID));
data/kopanocore-8.7.0/provider/common/pcutil.cpp:269:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpUserEid->guid, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/common/pcutil.cpp:275:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpUserEid->szExId, strEncExId.c_str(), strEncExId.length()+1);
data/kopanocore-8.7.0/provider/common/pcutil.cpp:295:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpInstanceEid->guid, MUIDECSI_SERVER, sizeof(GUID));
data/kopanocore-8.7.0/provider/common/pcutil.cpp:296:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reinterpret_cast<char *>(lpInstanceEid) + SIZEOF_SIEID_FIXED, guidServer, sizeof(GUID));
data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp:105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpWrapped->muid, &MUIDZCSAB, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp:108:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpWrapped->origEntryID, lpEntryID, cbEntryID);
data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp:239:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mnNamedProps, default_namedprops, sizeof(default_namedprops));
data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp:615:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpEntryID->muid, &MUIDZCSAB, sizeof(MAPIUID));
data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp:618:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryID->origEntryID, folder.lpFolder, folder.cbFolder);
data/kopanocore-8.7.0/provider/contacts/ZCABContainer.cpp:665:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sEntryID + 4, &MUIDZCSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/contacts/ZCABLogon.cpp:98:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry.lpStore, lpStore, cbStore);
data/kopanocore-8.7.0/provider/contacts/ZCABLogon.cpp:104:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry.lpFolder, lpFolder, cbFolder);
data/kopanocore-8.7.0/provider/include/kcore.hpp:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[4]{};
data/kopanocore-8.7.0/provider/include/kcore.hpp:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[4]{};
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:230:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[SHA256_DIGEST_LENGTH];
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:327:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
esid->siid = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:888:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData + iReadSize, lpDBRow[0], lpDBLen[0]);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:996:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char szBuffer[CHUNK_SIZE] = {0};
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1252:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1261:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1341:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData, temp, *lpiSize);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1421:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CHUNK_SIZE];
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1426:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto fd = open(filename.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1435:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1643:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename.c_str(), O_WRONLY | O_CREAT | O_TRUNC, S_IWUSR | S_IRUSR | S_IRGRP);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1670:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char szBuffer[CHUNK_SIZE];
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1673:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename.c_str(), O_RDWR | O_CREAT, S_IWUSR | S_IRUSR);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1985:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:1990:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2154:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int x = open(hl.intent_ref.c_str(), O_WRONLY | O_CREAT | O_EXCL, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2183:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(sl.content_file.c_str(), O_WRONLY | O_CREAT, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2194:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(sl.holder_ref.c_str(), O_WRONLY | O_CREAT, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2261:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(sl.content_file.c_str(), O_WRONLY | O_CREAT, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2270:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CHUNK_SIZE];
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2288:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char shasum[SHA256_DIGEST_LENGTH];
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2292:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(sl.holder_ref.c_str(), O_WRONLY | O_CREAT, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2322:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(hl.intent_ref.c_str(), O_WRONLY | O_CREAT | O_EXCL, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2325:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(hl.holder_ref.c_str(), O_WRONLY | O_CREAT | O_EXCL, S_IRWUG);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2390:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(ctf.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2426:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(ctf.c_str(), O_RDONLY);
data/kopanocore-8.7.0/provider/libserver/ECAttachmentStorage.cpp:2436:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CHUNK_SIZE];
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:69:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_QuotaCache("quota", atoi(lpConfig->GetSetting("cache_quota_size")), atoi(lpConfig->GetSetting("cache_quota_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:69:72: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_QuotaCache("quota", atoi(lpConfig->GetSetting("cache_quota_size")), atoi(lpConfig->GetSetting("cache_quota_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:70:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_QuotaUserDefaultCache("uquota", atoi(lpConfig->GetSetting("cache_quota_size")), atoi(lpConfig->GetSetting("cache_quota_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:70:85: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_QuotaUserDefaultCache("uquota", atoi(lpConfig->GetSetting("cache_quota_size")), atoi(lpConfig->GetSetting("cache_quota_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:72:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_StoresCache("store", atoi(lpConfig->GetSetting("cache_store_size")), 0)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:73:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_UserObjectCache("userid", atoi(lpConfig->GetSetting("cache_user_size")), atoi(lpConfig->GetSetting("cache_userdetails_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:73:78: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_UserObjectCache("userid", atoi(lpConfig->GetSetting("cache_user_size")), atoi(lpConfig->GetSetting("cache_userdetails_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:74:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_UEIdObjectCache("extern", atoi(lpConfig->GetSetting("cache_user_size")), atoi(lpConfig->GetSetting("cache_userdetails_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:74:78: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_UEIdObjectCache("extern", atoi(lpConfig->GetSetting("cache_user_size")), atoi(lpConfig->GetSetting("cache_userdetails_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:75:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_UserObjectDetailsCache("abinfo", atoi(lpConfig->GetSetting("cache_userdetails_size")), atoi(lpConfig->GetSetting("cache_userdetails_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:75:92: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_UserObjectDetailsCache("abinfo", atoi(lpConfig->GetSetting("cache_userdetails_size")), atoi(lpConfig->GetSetting("cache_userdetails_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:76:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_AclCache("acl", atoi(lpConfig->GetSetting("cache_acl_size")), 0)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:78:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_ServerDetailsCache("server", atoi(lpConfig->GetSetting("cache_server_size")), atoi(lpConfig->GetSetting("cache_server_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:78:83: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
, m_ServerDetailsCache("server", atoi(lpConfig->GetSetting("cache_server_size")), atoi(lpConfig->GetSetting("cache_server_lifetime")) * 60)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:302:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpGuid, &sStores->guidStore, sizeof(GUID) );
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:580:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulStore = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:581:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guid, lpDBRow[1], sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:582:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulType = atoi(lpDBRow[2]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:748:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objclass = (objectclass_t)atoi(lpDBRow[3]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:824:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulLocalId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:826:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sExternId.objclass = (objectclass_t)atoi(lpDBRow[2]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:828:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulCompanyId = atoi(lpDBRow[4]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1033:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpRights->__ptr[i].ulUserid = atoi(lpRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1034:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpRights->__ptr[i].ulType = atoi(lpRow[1]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1035:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpRights->__ptr[i].ulRights = atoi(lpRow[2]);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1475:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*lppData, sObject->lpData, sObject->cbData);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1506:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*lppData, sObject->lpData, sObject->cbData);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1932:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData, data, z);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1939:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst.lpData, src.lpData, src.cbData);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.h:178:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aACL.get(), src.aACL.get(), sizeof(ACL) * ulACLs);
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.h:184:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aACL.get(), src.aACL.get(), sizeof(ACL) * ulACLs);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:26:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(lpRow[FIELD_NR_TYPE])) {
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:387:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int type = atoi(lpRow[FIELD_NR_TYPE]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:394:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulPropTag = PROP_TAG(type, atoi(lpRow[FIELD_NR_TAG]));
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:402:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.i = (short)atoi(lpRow[FIELD_NR_ULONG]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:426:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.b = atoi(lpRow[FIELD_NR_ULONG]) != 0;
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:443:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.hilo->hi = atoi(lpRow[FIELD_NR_HI]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:461:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.hilo->hi = atoi(lpRow[FIELD_NR_HI]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:492:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, lpRow[FIELD_NR_BINARY],lpLen[FIELD_NR_BINARY]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:503:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, lpRow[FIELD_NR_BINARY],lpLen[FIELD_NR_BINARY]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:513:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvi.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:528:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvl.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:543:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvflt.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:559:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvdbl.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:574:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvhilo.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:586:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvhilo.__ptr[i].hi = atoi((char*)strData.c_str());
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:596:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvbin.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:603:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.mvbin.__ptr[i].__ptr, strData.c_str(), lpPropVal->Value.mvbin.__ptr[i].__size);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:613:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvszA.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:619:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.mvszA.__ptr[i], strData.c_str(), strData.size() + 1);
data/kopanocore-8.7.0/provider/libserver/ECDatabaseUtils.cpp:629:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.mvli.__size = atoi(lpRow[FIELD_NR_ID]);
data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp:272:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.lpszA, lpszColon, newlength);
data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp:292:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &ulObjId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp:496:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sPropVal.Value.bin->__ptr, &ulObjId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp:497:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sPropVal.Value.bin->__ptr+sizeof(ULONG), &ulOrderId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:457:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropTagArray->__ptr, lpsPropTags->__ptr, sizeof(unsigned int) * lpsPropTags->__size);
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:501:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsPropTags->__ptr, lpsPropTagArray->__ptr, sizeof(unsigned int) * lpsPropTagArray->__size);
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:567:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsSortOrderArray->__ptr, lpsSortOrder->__ptr, sizeof(struct sortOrder) * lpsSortOrder->__size);
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:829:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sRowItem.ulObjId, lpRowSet->__ptr[i].__ptr[0].Value.bin->__ptr, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:830:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sRowItem.ulOrderId, lpRowSet->__ptr[i].__ptr[0].Value.bin->__ptr+sizeof(ULONG), sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:1149:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsCollapseState->__ptr, os.str().c_str(), os.str().size());
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:2501:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:2503:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szChangeKey[20];
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:276:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(szChangeKey + sizeof(GUID), &changeid, 4);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:500:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&col_lengths[length_counter*ncols], lpDBLen, ncols * sizeof(*col_lengths));
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:576:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lpChanges->__ptr[i].sSourceKey.__ptr = (unsigned char *)soap_malloc(soap, lpDBLen[0]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:578:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges->__ptr[i].sSourceKey.__ptr, lpDBRow[0], lpDBLen[0]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:579:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lpChanges->__ptr[i].sParentSourceKey.__ptr = (unsigned char *)soap_malloc(soap, lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:581:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges->__ptr[i].sParentSourceKey.__ptr, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:617:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lpChanges->__ptr[i].sSourceKey.__ptr = (unsigned char *)soap_malloc(soap, lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:619:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges->__ptr[i].sSourceKey.__ptr, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:620:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lpChanges->__ptr[i].sParentSourceKey.__ptr = (unsigned char *)soap_malloc(soap, lpDBLen[2]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:622:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges->__ptr[i].sParentSourceKey.__ptr, lpDBRow[2], lpDBLen[2]);
data/kopanocore-8.7.0/provider/libserver/ECICS.cpp:867:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpChanges->__ptr[i].sParentSourceKey.__ptr, &abcont_1, sizeof(abcont_1));
data/kopanocore-8.7.0/provider/libserver/ECICS.h:29:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData.get(), s.lpData.get(), s.ulSize);
data/kopanocore-8.7.0/provider/libserver/ECICS.h:39:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData.get(), d, ulSize);
data/kopanocore-8.7.0/provider/libserver/ECICS.h:45:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpData[0], &guid, sizeof(guid));
data/kopanocore-8.7.0/provider/libserver/ECICS.h:60:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData.get(), sourcekey.__ptr, sourcekey.__size);
data/kopanocore-8.7.0/provider/libserver/ECICS.h:69:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpData.get(), s.lpData.get(), ulSize);
data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp:694:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
m_lpChanges->__ptr[m_ulChangeCnt].sSourceKey.__ptr = (unsigned char *)soap_malloc(m_soap, lpDBLen[icsSourceKey]);
data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp:696:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lpChanges->__ptr[m_ulChangeCnt].sSourceKey.__ptr, lpDBRow[icsSourceKey], lpDBLen[icsSourceKey]);
data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp:697:72: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
m_lpChanges->__ptr[m_ulChangeCnt].sParentSourceKey.__ptr = (unsigned char *)soap_malloc(m_soap, lpDBLen[icsParentSourceKey]);
data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp:699:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lpChanges->__ptr[m_ulChangeCnt].sParentSourceKey.__ptr, lpDBRow[icsParentSourceKey], lpDBLen[icsParentSourceKey]);
data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp:724:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lpChanges->__ptr[m_ulChangeCnt].sSourceKey.__ptr, p.first, p.first.size());
data/kopanocore-8.7.0/provider/libserver/ECICSHelpers.cpp:727:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lpChanges->__ptr[m_ulChangeCnt].sParentSourceKey.__ptr, p.second.sParentSourceKey, p.second.sParentSourceKey.size());
data/kopanocore-8.7.0/provider/libserver/ECPluginFactory.cpp:38:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/kopanocore-8.7.0/provider/libserver/ECS3Attachment.cpp:364:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->data + data->processed, buffer, bufferSize);
data/kopanocore-8.7.0/provider/libserver/ECS3Attachment.cpp:408:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, data->data + data->processed, toRead);
data/kopanocore-8.7.0/provider/libserver/ECSearchFolders.cpp:96:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulFolderId = atoi(lpRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECSearchFolders.cpp:874:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lstFolders.emplace_back(atoi(lpDBRow[0]));
data/kopanocore-8.7.0/provider/libserver/ECSearchFolders.cpp:1300:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (lpDBRow == nullptr || lpDBRow[0] == nullptr || atoi(lpDBRow[0]) != 2 || lpDBRow[1] == nullptr)
data/kopanocore-8.7.0/provider/libserver/ECSecurity.cpp:552:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpsRightsArray->__ptr[i].ulUserid = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECSecurity.cpp:553:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpsRightsArray->__ptr[i].ulType = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/ECSecurity.cpp:554:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpsRightsArray->__ptr[i].ulRights = atoi(lpDBRow[2]);
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:231:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_ulSessionTimeout = atoi(lpSessionManager->GetConfig()->GetSetting("session_timeout"));
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:704:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[1024];
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1093:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpOutput->__ptr, gssOutputToken.value, gssOutputToken.length);
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[NTLMBUFFER];
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1209:16: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
m_NTLM_pid = vfork();
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1327:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpOutput->__ptr, strDecoded.data(), strDecoded.length());
data/kopanocore-8.7.0/provider/libserver/ECSessionGroup.cpp:252:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p.Value.bin->__ptr, &lpsChildRow->ulObjId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECSessionGroup.cpp:253:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p.Value.bin->__ptr + sizeof(ULONG), &lpsChildRow->ulOrderId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECSessionGroup.cpp:267:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p.Value.bin->__ptr, &lpsPrevRow->ulObjId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECSessionGroup.cpp:268:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p.Value.bin->__ptr + sizeof(ULONG), &lpsPrevRow->ulOrderId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp:1361:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(row[1])) {
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp:1362:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case ACTIVE_USER: act = atoi(row[0]); break;
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp:1363:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case NONACTIVE_USER: nonact = atoi(row[0]); break;
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp:1364:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case NONACTIVE_ROOM: room = atoi(row[0]); break;
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp:1365:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case NONACTIVE_EQUIPMENT: eqp = atoi(row[0]); break;
data/kopanocore-8.7.0/provider/libserver/ECSessionManager.cpp:1366:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case NONACTIVE_CONTACT: contact = atoi(row[0]); break;
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char test[2048] = {0};
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsRowSet->__ptr[i].__ptr[k].Value.bin->__ptr, &row, sizeof(sObjectTableKey));
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:363:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.bin->__ptr, &row, sizeof(sObjectTableKey));
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:635:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.bin->__ptr, &row, sizeof(sObjectTableKey));
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:646:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.lpszA, strData.data(), strData.length() + 1);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.lpszA, strData.data(), strData.length() + 1);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:668:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.lpszA, strData.data(), strData.length() + 1);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:679:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.lpszA, strData.data(), strData.length() + 1);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:703:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.lpszA, strData.data(), strData.length() + 1);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:749:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m.Value.hilo->hi = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:750:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m.Value.hilo->lo = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:770:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m.Value.b = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:876:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.bin->__ptr, &row, sizeof(sObjectTableKey));
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:946:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m.Value.hilo->hi = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:947:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m.Value.hilo->lo = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/ECStatsTables.cpp:1043:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.bin->__ptr, &row, sizeof(sObjectTableKey));
data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp:164:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulPropID = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp:165:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lplstProps->emplace_back(PROP_TAG(atoi(lpDBRow[1]), ulPropID));
data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp:228:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sRowItem.ulOrderId = (lpDBRow[1] == NULL)? 0 : atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp:921:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count[atoi(row[0])] = atoi(row[1]);
data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp:921:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count[atoi(row[0])] = atoi(row[1]);
data/kopanocore-8.7.0/provider/libserver/ECStoreObjectTable.cpp:1029:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lstObjIds.emplace_back(atoi(lpDBRow[0]));
data/kopanocore-8.7.0/provider/libserver/ECSubRestriction.cpp:176:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulParent = atoi(lpRow[0]);
data/kopanocore-8.7.0/provider/libserver/ECSubRestriction.cpp:177:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulSubObject = atoi(lpRow[1]);
data/kopanocore-8.7.0/provider/libserver/ECTPropsPurge.cpp:120:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulMaxDeferred = atoi(m_lpConfig->GetSetting("max_deferred_records"));
data/kopanocore-8.7.0/provider/libserver/ECTableManager.cpp:262:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpTable->UpdateRow(ECKeyTable::TABLE_ROW_ADD, atoi(lpDBRow[0]), 0);
data/kopanocore-8.7.0/provider/libserver/ECTestProtocol.cpp:62:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if(atoi(szValue) > 0)
data/kopanocore-8.7.0/provider/libserver/ECTestProtocol.cpp:69:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(szValue) > 0)
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *env[32];
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:1265:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpObjects->push_back(atoi(lpRow[0]));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2855:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.i = atoi(strValue.c_str());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2860:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.ul = atoi(strValue.c_str());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2865:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpPropVal->Value.li = atol(strValue.c_str());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2890:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, strValue.data(), strValue.size());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2901:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.mvbin.__ptr[i++].__ptr, val.data(), val.size());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2965:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &ulId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:2967:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr + sizeof(ULONG), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3051:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &ulId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3087:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3109:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.mvbin.__ptr[j++].__ptr, cert.data(), cert.size());
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3260:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &ulId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3262:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr + sizeof(ULONG), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3303:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &ulId, sizeof(ULONG));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3315:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3481:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &abcont_1, sizeof(abcont_1));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3496:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3498:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3518:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3526:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3560:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &abcont_1, sizeof(abcont_1));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3582:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3598:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3609:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3719:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &abeid, sizeof(abeid));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3730:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &abeid, sizeof(abeid));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3745:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3746:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr + sizeof(tmp4), &tmp4, sizeof(tmp4));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3771:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &abeid, sizeof(abeid));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3796:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3828:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpPropVal->Value.bin->__ptr, &abcont_uab, sizeof(abcont_uab));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3993:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpAbeid->guid, &MUIDECSAB, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:3998:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpAbeid->szExId, strEncExId.c_str(), strEncExId.length()+1);
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:4046:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEid->szExId, strEncExId.c_str(), strEncExId.length()+1);
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:79:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.bin->__ptr, &row, sizeof(sObjectTableKey));
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m.Value.bin->__ptr, &pThis->m_mapUserStoreData[row.ulObjId].sGuid, sizeof(GUID));
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:210:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objclass = (objectclass_t)atoi(lpDBRow[OBJCLASS]);
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:212:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sUserStore.ulUserId = atoi(lpDBRow[USERID]);
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:221:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sUserStore.ulCompanyId = atoi(lpDBRow[UCOMPANY]);
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:223:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sUserStore.ulCompanyId = atoi(lpDBRow[SCOMPANY]); // might override from user.company
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:247:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sUserStore.sGuid, lpDBRow[STOREGUID], lpDBLength[STOREGUID]);
data/kopanocore-8.7.0/provider/libserver/ECUserStoreTable.cpp:250:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sUserStore.ulStoreType = atoi(lpDBRow[STORETYPE]);
data/kopanocore-8.7.0/provider/libserver/StorageUtil.cpp:78:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*lpulSize = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[8];
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:196:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<uint16_t *>(ptr) + x, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:204:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<uint32_t *>(ptr) + x, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:212:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<uint64_t *>(ptr) + x, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16384];
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:378:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulPropTag = PROP_TAG(type, atoi(lpRow[FIELD_NR_TAG]));
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:389:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
short i = atoi(lpRow[FIELD_NR_ULONG]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:416:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned char b = atoi(lpRow[FIELD_NR_ULONG]) ? 1 : 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:436:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hilo.hi = atoi(lpRow[FIELD_NR_HI]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:487:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:491:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
short i = atoi(strData.c_str());
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:502:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:516:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:531:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:546:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0, ulLastPos2 = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:552:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hilo.hi = atoi((char*)strData.c_str());
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:565:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:582:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:606:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulCount = atoi(lpRow[FIELD_NR_ID]), ulLastPos = 0;
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:1025:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulSubObjType = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:1029:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulSubObjId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:1100:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulSubObjType = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:1104:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulSubObjId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:1713:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulType = atoi(lpRow[FIELD_NR_TYPE]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpEntryId->__ptr, &eid, lpEntryId->__size);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:314:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[8];
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:377:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<uint16_t *>(ptr) + x, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:385:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<uint32_t *>(ptr) + x, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:393:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<uint64_t *>(ptr) + x, &tmp, sizeof(tmp));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:415:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16384];
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1101:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsResponse->guid.__ptr, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guid, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1106:64: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gcache->SetStore(atoui(lpDBRow[2]), atoui(lpDBRow[2]), &guid, atoi(lpDBRow[3]));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1203:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsResponse->guid.__ptr, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1207:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&guid, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1208:64: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gcache->SetStore(atoui(lpDBRow[2]), atoui(lpDBRow[2]), &guid, atoi(lpDBRow[3]));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:1522:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
er = GetFolderSize(lpDatabase, atoi(lpDBRow[0]), &llSubSize);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:2556:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mod.Value.bin->__ptr, strChangeKey.c_str(), strChangeKey.size());
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:2569:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mod.Value.bin->__ptr, strChangeList.c_str(), strChangeList.size());
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:2745:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
LoadObject(soap, lpecSession, atoi(lpDBRow[0]), atoi(lpDBRow[1]), ulObjType, &sSavedObject.__ptr[i], rd_cache && complete ? nullptr : &mapChildProps);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:2745:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
LoadObject(soap, lpecSession, atoi(lpDBRow[0]), atoi(lpDBRow[1]), ulObjType, &sSavedObject.__ptr[i], rd_cache && complete ? nullptr : &mapChildProps);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:2950:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulFolderId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:3782:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ulKey, notifySubscribe->sKey.__ptr, 4);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:4205:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6031:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulSubmitFlags = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6100:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
er = lpecSession->GetSecurity()->IsAdminOverUserObject(atoi(lpDBRow[3]));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6107:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpsResponse->ulUserId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6119:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsResponse->guid.__ptr, lpDBRow[2], lpDBLen[2]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6226:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsResponse->guid.__ptr, lpDBRow[1], lpDBLen[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6308:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6309:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulParent = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6310:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulType = atoi(lpDBRow[2]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6311:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulFlags = atoi(lpDBRow[3]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6312:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulOwner = atoi(lpDBRow[4]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6313:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulMessageFlags = lpDBRow[6] ? atoi(lpDBRow[6]) : 0;
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6337:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulItemSize += (lpDBRow[5] != NULL)? atoi(lpDBRow[5]) : 0;
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:6339:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (lpDBRow[3] != NULL && atoi(lpDBRow[3]) & MSGFLAG_DELETED)
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7406:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newname, lpDBRow[0], strlen(lpDBRow[0]) + 1);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7768:65: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
g_lpSessionManager->GetCacheManager()->Update(fnevObjectMoved, atoi(lpDBRow[3]));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7819:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (lpecSession->GetUserManagement()->GetObjectDetails(atoi(lpDBRow[0]), &sObjectDetails) == erSuccess)
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7826:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulStoreHierarchyId = atoi(lpDBRow[2]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7827:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulCompanyId = atoi(lpDBRow[3]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7876:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulDeleteTime = atoi(lpszSetting) * 24 * 60 * 60;
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7996:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptaProps.__ptr, lpProps, ulProps * sizeof(unsigned int));
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:9430:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsResponse->sPropCK.Value.bin->__ptr, lpDBRow[0], lpDBLen[0]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:9452:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsResponse->sPropPCL.Value.bin->__ptr, lpDBRow[0], lpDBLen[0]);
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:207:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if(lpDBRow[1] == NULL && atoi(lpDBRow[2]) != MAPI_STORE) {
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:218:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulObjType = atoi(lpDBRow[2]);
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:274:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sItem.ulObjType = atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1390:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*lpsNames->__ptr[i].lpId = atoi(lpDBRow[0]);
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1402:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpsNames->__ptr[i].lpguid->__ptr, lpDBRow[2], lpDBLen[2]);
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1859:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulPropTag = PROP_TAG(atoi(lpDBRow[FIELD_NR_TYPE]),atoi(lpDBRow[FIELD_NR_TAG]));
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1859:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulPropTag = PROP_TAG(atoi(lpDBRow[FIELD_NR_TYPE]),atoi(lpDBRow[FIELD_NR_TAG]));
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1952:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulPropTag = PROP_TAG(atoi(lpDBRow[FIELD_NR_TYPE]),atoi(lpDBRow[FIELD_NR_TAG]));
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1952:76: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int ulPropTag = PROP_TAG(atoi(lpDBRow[FIELD_NR_TYPE]),atoi(lpDBRow[FIELD_NR_TAG]));
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:116:74: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto curid = objectid_t(string(lpDBRow[0], lpDBLen[0]), (objectclass_t)atoi(lpDBRow[1]));
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:123:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
details = objectdetails_t((objectclass_t)atoi(lpDBRow[1]));
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:142:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
details.SetPropInt(OB_PROP_I_ADMINLEVEL, std::min(2, atoi(lpDBRow[3])));
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:195:74: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto curid = objectid_t(string(lpDBRow[2], lpDBLen[2]), (objectclass_t)atoi(lpDBRow[3]));
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:706:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpDetails.bUseDefaultQuota = !!atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:715:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lpDetails.bUseDefaultQuota = !!atoi(lpDBRow[1]);
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:764:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto objclass = objectclass_t(atoi(lpDBRow[1]));
data/kopanocore-8.7.0/provider/plugins/DBUserPlugin.cpp:148:103: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return objectsignature_t(objectid_t(std::string(lpDBRow[0], lpDBLen[0]), static_cast<objectclass_t>(atoi(lpDBRow[1]))), signature);
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:185:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lpAttrs(new const char *[ulMaxAttrs+1])
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:839:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objclass = atoi(nonactive_type.c_str()) == 0 ? ACTIVE_USER : NONACTIVE_USER;
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:854:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objclass = (atoi(security_type.c_str()) & 0x80000000) ? DISTLIST_SECURITY : DISTLIST_GROUP;
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:1946:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sObjDetails.SetPropInt(OB_PROP_I_ADMINLEVEL, std::min(2, atoi(ldap_attr.c_str())));
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:1954:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sObjDetails.SetPropInt(OB_PROP_I_RESOURCE_CAPACITY, atoi(ldap_attr.c_str()));
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:2703:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
serverDetails.SetHttpPort(atoi(strHttpPort.c_str()));
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:2704:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
serverDetails.SetSslPort(atoi(strSslPort.c_str()));
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:2714:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[2] = {digits[n>>4], digits[n&0xf]};
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:114:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int ret = getpwuid_r(atoi(id.c_str()), pwd, buffer, PWBUFSIZE, &pw);
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:154:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int ret = getgrgid_r(atoi(id.c_str()), grp, buffer, PWBUFSIZE, &gr);
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:474:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!objectstrings[(objectclass_t)atoi(lpDBRow[1])].empty())
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:475:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objectstrings[(objectclass_t)atoi(lpDBRow[1])] += ", ";
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:476:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
objectstrings[(objectclass_t)atoi(lpDBRow[1])] += lpDBRow[0];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:623:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:685:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:775:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int ret = getpwuid_r(atoi(sig.id.id.c_str()), &pws, buffer, PWBUFSIZE, &pw);
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:850:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuffer[PWBUFSIZE];
data/kopanocore-8.7.0/provider/plugins/UnixUserPlugin.cpp:910:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char salt[3];
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cryptbuf[14];
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:31:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5_out[MD5_DIGEST_LENGTH];
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:37:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5_out[MD5_DIGEST_LENGTH];
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SHA_out[SHA_DIGEST_LENGTH];
data/kopanocore-8.7.0/provider/server/ECServer.cpp:334:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpfile = fopen(strtestpath.c_str(), "w");
data/kopanocore-8.7.0/provider/server/ECServer.cpp:335:8: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!tmpfile) {
data/kopanocore-8.7.0/provider/server/ECServer.cpp:340:6: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (tmpfile) {
data/kopanocore-8.7.0/provider/server/ECServer.cpp:341:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fclose(tmpfile);
data/kopanocore-8.7.0/provider/server/ECServer.cpp:447:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[256] = {0};
data/kopanocore-8.7.0/provider/server/ECServer.cpp:1184:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto kcoidc_initialize_timeout = atoi(g_lpConfig->GetSetting("kcoidc_initialize_timeout"));
data/kopanocore-8.7.0/provider/server/ECServer.cpp:1263:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmplock = open(upgrade_lock_file, O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
data/kopanocore-8.7.0/provider/server/ECSoapServerConnection.cpp:340:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lpsSoap->path,"pipe");
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:246:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
double dblMaxFreq = atoi(lpThis->m_lpConfig->GetSetting("watchdog_frequency"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:251:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
std::chrono::milliseconds(atoi(lpThis->m_lpConfig->GetSetting("watchdog_max_age"))))
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:269:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_nRecvTimeout = atoi(m_lpConfig->GetSetting("server_recv_timeout"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:270:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_nReadTimeout = atoi(m_lpConfig->GetSetting("server_read_timeout"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:271:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_nSendTimeout = atoi(m_lpConfig->GetSetting("server_send_timeout"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:364:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_nRecvTimeout = atoi(m_lpConfig->GetSetting("server_recv_timeout"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:365:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_nReadTimeout = atoi(m_lpConfig->GetSetting("server_read_timeout"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:366:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_nSendTimeout = atoi(m_lpConfig->GetSetting("server_send_timeout"));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:367:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
SetThreadCount(atoi(m_lpConfig->GetSetting("threads")));
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:462:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[128];
data/kopanocore-8.7.0/spooler/DAgent.cpp:264:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int new_ll = ll ? atoi(ll) : EC_LOGLEVEL_WARNING;
data/kopanocore-8.7.0/spooler/DAgent.cpp:506:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuff[64];
data/kopanocore-8.7.0/spooler/DAgent.cpp:516:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(szBuff, "_%04d%02d%02d%02d%02d%02d_%08x.eml", tmResult.tm_year+1900, tmResult.tm_mon+1, tmResult.tm_mday, tmResult.tm_hour, tmResult.tm_min, tmResult.tm_sec, rand_mt());
data/kopanocore-8.7.0/spooler/DAgent.cpp:1128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szHeader[PATH_MAX] = {0}, szTemp[PATH_MAX] = {0};
data/kopanocore-8.7.0/spooler/DAgent.cpp:1129:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t szwHeader[PATH_MAX] = {0};
data/kopanocore-8.7.0/spooler/DAgent.cpp:1181:8: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(szTemp);
data/kopanocore-8.7.0/spooler/DAgent.cpp:1206:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(szTemp);
data/kopanocore-8.7.0/spooler/DAgent.cpp:2463:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096] = {0};
data/kopanocore-8.7.0/spooler/DAgent.cpp:2465:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "???");
data/kopanocore-8.7.0/spooler/DAgent.cpp:2471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[4096];
data/kopanocore-8.7.0/spooler/DAgent.cpp:2658:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *tmp = tmpfile();
data/kopanocore-8.7.0/spooler/DAgent.cpp:2704:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wbuffer[4096];
data/kopanocore-8.7.0/spooler/DAgent.cpp:3258:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(optarg, "rb");
data/kopanocore-8.7.0/spooler/Spooler.cpp:278:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[18];
data/kopanocore-8.7.0/spooler/Spooler.cpp:308:13: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
auto pid = vfork();
data/kopanocore-8.7.0/spooler/Spooler.cpp:541:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto ulMaxThreads = atoi(g_lpConfig->GetSetting("max_threads"));
data/kopanocore-8.7.0/spooler/Spooler.cpp:817:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int new_ll = ll ? atoi(ll) : EC_LOGLEVEL_WARNING;
data/kopanocore-8.7.0/spooler/Spooler.cpp:991:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
logfd = atoi(optarg);
data/kopanocore-8.7.0/spooler/Spooler.cpp:997:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ulPort = atoi(optarg);
data/kopanocore-8.7.0/spooler/Spooler.cpp:1048:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
g_lpLogger.reset(new(std::nothrow) ECLogger_Pipe(logfd, 0, atoi(g_lpConfig->GetSetting("log_level"))));
data/kopanocore-8.7.0/spooler/mailer.cpp:1523:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/kopanocore-8.7.0/spooler/mailer.cpp:1532:41: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::unique_ptr<FILE, file_deleter> fp(fopen(fname.c_str(), "w"));
data/kopanocore-8.7.0/spooler/mailer.cpp:1673:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestring[256];
data/kopanocore-8.7.0/spooler/rules.cpp:289:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/kopanocore-8.7.0/spooler/rules.cpp:491:41: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::unique_ptr<FILE, file_deleter> fp(fopen(file, "r"));
data/kopanocore-8.7.0/swig/python/conversion.cpp:598:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpProp->Value.MVguid.lpguid[n], guid, size);
data/kopanocore-8.7.0/swig/python/conversion.cpp:1184:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpAction->actReply.guidReplyTemplate, ptr, size);
data/kopanocore-8.7.0/swig/python/conversion.cpp:1959:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lpList[i], ptr, sizeof(*lpList));
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:361:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(password, s, sizeof(password)-1);
data/kopanocore-8.7.0/ECtools/admin/admin.cpp:637:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ct.SetColumn(c, 1, stringify(strlen((LPSTR)lpPropmap->lpEntries[i].lpszValue)) + " bytes");
data/kopanocore-8.7.0/ECtools/archiver/ECIterators.h:33:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
_kc_hidden bool equal(const ECHierarchyIteratorBase &rhs) const
data/kopanocore-8.7.0/ECtools/archiver/ECIterators.h:58:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return ECHierarchyIteratorBase::equal(r);
data/kopanocore-8.7.0/ECtools/fsck/fsck-contact.cpp:50:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lpPropertyArray[i].Value.lpszA))
data/kopanocore-8.7.0/ECtools/monitor/ECQuotaMonitor.cpp:481:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strLine.compare(0, strlen("Subject:"), "Subject:") == 0)
data/kopanocore-8.7.0/ECtools/monitor/ECQuotaMonitor.cpp:482:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strSubject = strLine.substr(strLine.find_first_not_of(" ", strlen("Subject:")));
data/kopanocore-8.7.0/ECtools/scriptrun.cpp:21:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(n);
data/kopanocore-8.7.0/ECtools/storeadm.cpp:292:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ULONG url_len = strlen(url), neweid_size = eid_size + url_len;
data/kopanocore-8.7.0/caldav/CalDavProto.cpp:253:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strncmp(lpsPropVal->Value.lpszA, "IPF.Task", strlen("IPF.Task")))
data/kopanocore-8.7.0/caldav/CalDavProto.cpp:256:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strncmp(lpsPropVal->Value.lpszA, "IPF.Appointment", strlen("IPF.Appointment")))
data/kopanocore-8.7.0/caldav/CalDavProto.cpp:944:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((etype == VEVENT && strncmp(lpsPropVal->Value.lpszA, "IPF.Appointment", strlen("IPF.Appointment")))
data/kopanocore-8.7.0/caldav/CalDavProto.cpp:945:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (etype == VTODO && strncmp(lpsPropVal->Value.lpszA, "IPF.Task", strlen("IPF.Task"))))
data/kopanocore-8.7.0/caldav/CalDavProto.cpp:1602:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lpFoundProp && !strncmp (lpFoundProp->Value.lpszA, "IPF.Appointment", strlen("IPF.Appointment")))
data/kopanocore-8.7.0/caldav/CalDavProto.cpp:1604:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (lpFoundProp && !strncmp (lpFoundProp->Value.lpszA, "IPF.Task", strlen("IPF.Task")))
data/kopanocore-8.7.0/caldav/CalDavUtil.cpp:148:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wstrFldId.erase(0, wcslen(FOLDER_PREFIX));
data/kopanocore-8.7.0/common/ECChannel.cpp:730:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, i, strlen(i)) >= 0)
data/kopanocore-8.7.0/common/ECChannel.cpp:746:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) + 1 >= sizeof(sk.sun_path)) {
data/kopanocore-8.7.0/common/ECChannel.cpp:1068:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hints.ai_addrlen = sizeof(u) - sizeof(u.sun_path) + strlen(u.sun_path) + 1;
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:224:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = std::min(static_cast<size_t>(1023), strlen(szValue));
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:243:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(data, szValue, len);
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:254:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(szName) >= sizeof(key.s))
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:274:70: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
const char *ECConfigImpl::GetSetting(const char *szName, const char *equal,
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:278:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (value == equal || (value && equal && !strcmp(value, equal)))
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:278:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (value == equal || (value && equal && !strcmp(value, equal)))
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:278:58: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (value == equal || (value && equal && !strcmp(value, equal)))
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:476:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lpsKey->s) == 0 || szValue == NULL)
data/kopanocore-8.7.0/common/ECConfigImpl.cpp:589:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!s.second || strlen(s.second) == 0)
data/kopanocore-8.7.0/common/ECConfigImpl.h:61:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
const char *GetSetting(const char *name, const char *equal, const char *other) _kc_override;
data/kopanocore-8.7.0/common/ECLogger.cpp:559:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off = strlen(msgbuffer);
data/kopanocore-8.7.0/common/ECLogger.cpp:561:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msgbuffer + off, message, rem);
data/kopanocore-8.7.0/common/ECLogger.cpp:562:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rem <= strlen(message))
data/kopanocore-8.7.0/common/ECLogger.cpp:565:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xwrite(msgbuffer, strlen(msgbuffer) + 1);
data/kopanocore-8.7.0/common/ECLogger.cpp:587:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off = strlen(msgbuffer);
data/kopanocore-8.7.0/common/ECLogger.cpp:593:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xwrite(msgbuffer, strlen(msgbuffer) + 1);
data/kopanocore-8.7.0/common/ECLogger.cpp:691:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(readfd, buffer, sizeof buffer);
data/kopanocore-8.7.0/common/ECLogger.cpp:705:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = strlen(p); // find string in read buffer
data/kopanocore-8.7.0/common/UnixUtil.cpp:204:8: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (fscanf(pidfile, "%255s", tmp) < 1)
data/kopanocore-8.7.0/common/UnixUtil.cpp:208:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tmp) < strlen(argv0)) {
data/kopanocore-8.7.0/common/UnixUtil.cpp:208:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tmp) < strlen(argv0)) {
data/kopanocore-8.7.0/common/UnixUtil.cpp:412:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t z = strlen(buffer);
data/kopanocore-8.7.0/common/charset/convert.cpp:208:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto tocode = new char[strlen(key.tocode)+1];
data/kopanocore-8.7.0/common/charset/convert.cpp:209:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tocode, key.tocode, strlen(key.tocode) + 1);
data/kopanocore-8.7.0/common/charset/convert.cpp:217:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto fromcode = new char[strlen(key.fromcode)+1];
data/kopanocore-8.7.0/common/charset/convert.cpp:218:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(fromcode, key.fromcode, strlen(key.fromcode) + 1);
data/kopanocore-8.7.0/common/fileutil.cpp:227:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t ret = read(fd, buf, len);
data/kopanocore-8.7.0/common/include/kopano/ECConfig.h:44:74: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
_kc_hidden virtual const char *GetSetting(const char *name, const char *equal, const char *other) = 0;
data/kopanocore-8.7.0/common/include/kopano/charset/convert.h:622:49: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((_flags) & MAPI_UNICODE) ? sizeof(wchar_t) * wcslen((wchar_t*)(_ptr)) : strlen((char*)(_ptr)), \
data/kopanocore-8.7.0/common/include/kopano/charset/convert.h:622:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((_flags) & MAPI_UNICODE) ? sizeof(wchar_t) * wcslen((wchar_t*)(_ptr)) : strlen((char*)(_ptr)), \
data/kopanocore-8.7.0/common/include/kopano/charset/traits.h:57:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(from);
data/kopanocore-8.7.0/common/include/kopano/charset/traits.h:70:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(from);
data/kopanocore-8.7.0/common/include/kopano/charset/traits.h:128:10: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return wcslen(from) * sizeof(wchar_t);
data/kopanocore-8.7.0/common/include/kopano/charset/traits.h:141:10: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return wcslen(from) * sizeof(wchar_t);
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:403:9: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return wcslen((WCHAR *)str);
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:412:9: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define _tcslen wcslen
data/kopanocore-8.7.0/common/include/kopano/platform.linux.h:412:17: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define _tcslen wcslen
data/kopanocore-8.7.0/common/platform.linux.cpp:103:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int rc = read(fd, p, n);
data/kopanocore-8.7.0/common/stringutil.cpp:75:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insResult.first->second.assign(m_converter.convert_to<std::wstring>(lpsz, strlen(lpsz), "UTF-8"));
data/kopanocore-8.7.0/common/stringutil.cpp:609:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, src, n);
data/kopanocore-8.7.0/common/stringutil.cpp:742:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
o.reserve(strlen(s));
data/kopanocore-8.7.0/common/stringutil.cpp:743:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::copy_if(s, s + strlen(s), std::back_inserter(o),
data/kopanocore-8.7.0/common/stringutil.cpp:820:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *cset_end = cset + strlen(cset);
data/kopanocore-8.7.0/gateway/Gateway.cpp:99:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(g_lpConfig->GetSetting("ssl_private_key_file")) > 0 &&
data/kopanocore-8.7.0/gateway/Gateway.cpp:100:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(g_lpConfig->GetSetting("ssl_certificate_file")) > 0) {
data/kopanocore-8.7.0/gateway/IMAP.cpp:2561:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int cbEntryID = 0, ulObjType = 0, size, read, cb = 0;
data/kopanocore-8.7.0/gateway/IMAP.cpp:2573:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hr = lpStream->Read(&size, sizeof(ULONG), &read);
data/kopanocore-8.7.0/gateway/IMAP.cpp:2574:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (hr != hrSuccess || read != sizeof(ULONG))
data/kopanocore-8.7.0/gateway/IMAP.cpp:2583:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hr = lpStream->Read(&cb, sizeof(ULONG), &read);
data/kopanocore-8.7.0/gateway/IMAP.cpp:2584:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (hr != hrSuccess || read != sizeof(ULONG))
data/kopanocore-8.7.0/gateway/IMAP.cpp:2588:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hr = lpStream->Read(lpb.get(), cb, &read);
data/kopanocore-8.7.0/gateway/IMAP.cpp:2589:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (hr != hrSuccess || read != cb)
data/kopanocore-8.7.0/gateway/IMAP.cpp:3351:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bSkipOpen = (headers != nullptr && strlen(headers->Value.lpszA) > 0 && size != nullptr);
data/kopanocore-8.7.0/gateway/IMAP.cpp:3571:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strReply.erase(ulPos, strlen(".PEEK"));
data/kopanocore-8.7.0/gateway/IMAP.cpp:3728:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulHeaderBegin = std::distance(strMessage.c_str(), ptr) + strlen("boundary=");
data/kopanocore-8.7.0/gateway/IMAP.h:315:86: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::string PropsToFlags(LPSPropValue props, unsigned int nprops, bool recent, bool read);
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:590:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(name.c_str(), vmime::fields::RECEIVED, strlen(vmime::fields::RECEIVED)) == 0 ||
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:594:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(name.c_str(), "list-", strlen("list-")) == 0 ||
data/kopanocore-8.7.0/inetmapi/MAPIToVMIME.cpp:846:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sopt.charset_upgrade && strlen(sopt.charset_upgrade))
data/kopanocore-8.7.0/inetmapi/VMIMEToMAPI.cpp:2895:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(lpMessageClass->Value.lpszA, "IPM.Schedule.Meeting.", strlen("IPM.Schedule.Meeting.")) != 0)
data/kopanocore-8.7.0/inetmapi/inetmapi.cpp:82:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return string(id, strlen(id));
data/kopanocore-8.7.0/inetmapi/inputStreamMAPIAdapter.cpp:14:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t inputStreamMAPIAdapter::read(unsigned char *data, size_t count)
data/kopanocore-8.7.0/inetmapi/inputStreamMAPIAdapter.h:20:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read(vmime::byte_t *, size_t) override;
data/kopanocore-8.7.0/inetmapi/tnef.cpp:673:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulLen = strlen(lpProp->Value.MVszA.lppszA[ulMVProp])+1;
data/kopanocore-8.7.0/inetmapi/tnef.cpp:680:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulLen = strlen(lpProp->Value.lpszA)+1;
data/kopanocore-8.7.0/libicalmapi/MAPIToICal.cpp:128:135: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strcasecmp(lpMessageClass->Value.lpszA, "IPM.Appointment") == 0 || strncasecmp(lpMessageClass->Value.lpszA, "IPM.Schedule", strlen("IPM.Schedule")) == 0)
data/kopanocore-8.7.0/libicalmapi/mapitovcf.cpp:59:46: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PROP_TYPE(s.ulPropTag) == PT_UNICODE && wcslen(s.Value.lpszW) == 0)
data/kopanocore-8.7.0/libicalmapi/mapitovcf.cpp:61:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (PROP_TYPE(s.ulPropTag) == PT_STRING8 && strlen(s.Value.lpszA) == 0)
data/kopanocore-8.7.0/libicalmapi/mapitovcf.cpp:103:45: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (node == nullptr || value == nullptr || wcslen(value) == 0)
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:64:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::unique_ptr<VObject, ical_deleter> root(Parse_MIME(utf8string, strlen(utf8string)));
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:514:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto ret = MAPIAllocateBuffer(strlen(val) + 1, reinterpret_cast<void **>(&s.Value.lpszA));
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:522:52: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto ret = MAPIAllocateBuffer(sizeof(wchar_t) * (wcslen(uval) + 1), reinterpret_cast<void **>(&s.Value.lpszW));
data/kopanocore-8.7.0/libicalmapi/vcftomapi.cpp:563:51: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto ret = MAPIAllocateBuffer(sizeof(wchar_t) * (wcslen(v) + 1),
data/kopanocore-8.7.0/libicalmapi/vconverter.cpp:58:14: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto len = (wcslen(src) + 1) * sizeof(*src);
data/kopanocore-8.7.0/libicalmapi/vconverter.cpp:1213:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strSuffix.erase(0, strlen("X-MOZ-SNOOZE-TIME-"));
data/kopanocore-8.7.0/libicalmapi/vevent.cpp:308:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strTmp.erase(0,strlen("X-MS-OLK-ORIGINAL"));
data/kopanocore-8.7.0/libicalmapi/vevent.cpp:314:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strTmp.erase(0,strlen("X-MS-OLK-ORIGINAL"));
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:242:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto szProfName = make_unique_nt<char[]>(strlen(PROFILEPREFIX) + 10 + 1);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:248:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(szProfName.get(), strlen(PROFILEPREFIX)+10+1, "%s%010u", PROFILEPREFIX, rand_mt());
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:443:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strOneOff.append(name, strlen(name) + 1);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:446:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strOneOff.append(atyp, strlen(atyp) + 1);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:447:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strOneOff.append(addr, strlen(addr) + 1);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:623:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int sizeEmailType = lpszEmailType != nullptr ? strlen(lpszEmailType) : 0;
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:624:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int sizeEmail = lpszEmail != nullptr ? strlen(lpszEmail) : 0;
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:760:62: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ulType == MAPI_DISTLIST && (lpSMTPAddress == NULL || wcslen(lpSMTPAddress->Value.lpszW) == 0)) {
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1246:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchStringSize = lpSearchString?strlen(lpSearchString):0;
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1247:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchDataSize = lpSearchData?strlen(lpSearchData):0;
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1251:41: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchStringSize = lpwSearchString?wcslen(lpwSearchString):0;
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1252:37: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchDataSize = lpwSearchData?wcslen(lpwSearchData):0;
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1608:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m_sMAPINameId.Kind.lpwstrName = new WCHAR[strlen(strId)+1];
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1609:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mbstowcs(m_sMAPINameId.Kind.lpwstrName, strId, strlen(strId)+1);
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1622:51: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m_sMAPINameId.Kind.lpwstrName = new WCHAR[wcslen( other.m_sMAPINameId.Kind.lpwstrName )+1];
data/kopanocore-8.7.0/m4lcommon/CommonUtil.cpp:1867:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto cbDLLName = strlen(reinterpret_cast<const char *>(lpOrigEntry) + cbRemove) + 1;
data/kopanocore-8.7.0/m4lcommon/MAPINotifSink.cpp:48:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return KAllocCopy(lpSrc, strlen(lpSrc) + 1, reinterpret_cast<void **>(lpDst), lpBase);
data/kopanocore-8.7.0/m4lcommon/MAPINotifSink.cpp:56:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return KAllocCopy(lpSrc, (wcslen(lpSrc) + 1) * sizeof(WCHAR), reinterpret_cast<void **>(lpDst), lpBase);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:348:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = lpfAllocMore(wcslen(lpSrc->Value.lpszW)*sizeof(wchar_t)+sizeof(wchar_t), lpBase, (void**)&lpDest->Value.lpszW);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:356:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = lpfAllocMore(strlen(lpSrc->Value.lpszA) + 1, lpBase, (void**)&lpDest->Value.lpszA);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:471:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int datalength = strlen(lpSrc->Value.MVszA.lppszA[i]) + 1;
data/kopanocore-8.7.0/m4lcommon/Util.cpp:484:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = lpfAllocMore(wcslen(lpSrc->Value.MVszW.lppszW[i]) * sizeof(WCHAR) + sizeof(WCHAR), lpBase, (void**)&lpDest->Value.MVszW.lppszW[i]);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1167:32: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return lpProp->Value.lpszW ? wcslen(lpProp->Value.lpszW) : 0;
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1169:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return lpProp->Value.lpszA ? strlen(lpProp->Value.lpszA) : 0;
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1191:48: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize += (lpProp->Value.MVszW.lppszW[i]) ? wcslen(lpProp->Value.MVszW.lppszW[i]) : 0;
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1196:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize += (lpProp->Value.MVszA.lppszA[i]) ? strlen(lpProp->Value.MVszA.lppszA[i]) : 0;
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1274:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = html->Write(header1, strlen(header1), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1278:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = html->Write(lpszCharset, strlen(lpszCharset), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1282:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = html->Write(header2, strlen(header2), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1343:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = html->Write(footer, strlen(footer), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1421:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rtf->Write(header, strlen(header), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1462:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rtf->Write(hex, strlen(hex), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1467:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rtf->Write(hex, strlen(hex), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1475:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rtf->Write(footer, strlen(footer), NULL);
data/kopanocore-8.7.0/m4lcommon/Util.cpp:1583:25: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = MAPIAllocateMore((_tcslen(lpszError) + 1) * sizeof(*lpszError), lpBase, reinterpret_cast<void **>(lppszError));
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:79:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto pos = strFilename.rfind(".inf", strFilename.size(), strlen(".inf"));
data/kopanocore-8.7.0/mapi4linux/src/m4l.mapisvc.cpp:80:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pos == std::string::npos || strFilename.size() - pos != strlen(".inf"))
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:2290:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z = strlen(p.Value.lpszA);
data/kopanocore-8.7.0/mapi4linux/src/mapix.cpp:2295:8: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z = wcslen(p.Value.lpszW) * sizeof(wchar_t);
data/kopanocore-8.7.0/mapi4linux/src/rtf.cpp:55:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int prebufSize = strlen(lpPrebuf);
data/kopanocore-8.7.0/php-ext/main.cpp:890:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
server_len = strlen(server);
data/kopanocore-8.7.0/php-ext/main.cpp:6852:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAPI_G(hr) = ECMemStream::Create(lpBuffer.get(), strlen(lpBuffer.get()), 0, nullptr, nullptr, nullptr, &~lpMemStream);
data/kopanocore-8.7.0/php-ext/typeconversion.cpp:1086:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lpProp->Value.lpszA, valueEntry[0]->value.str.val, valueEntry[0]->value.str.len+1);
data/kopanocore-8.7.0/php7-ext/main.cpp:904:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
server_len = strlen(server);
data/kopanocore-8.7.0/php7-ext/main.cpp:6725:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAPI_G(hr) = ECMemStream::Create(lpBuffer.get(), strlen(lpBuffer.get()), 0, nullptr, nullptr, nullptr, &~lpMemStream);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:340:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lpPropValue[cvalues++].Value.lpszA, entry->value.str->val, entry->value.str->len+1);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:454:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lpPropValue[cvalues].Value.MVszA.lppszA[h++], dataEntry->value.str->val, dataEntry->value.str->len + 1);
data/kopanocore-8.7.0/php7-ext/typeconversion.cpp:1099:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lpProp->Value.lpszA, valueEntry->value.str->val, valueEntry->value.str->len+1);
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:55:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int size = strlen(lpszProviderDisplay) + 1;
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:114:41: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ulSize = sizeof(TCHAR) * (_tcslen(lpUser->lpszFullName) + 1);
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:126:28: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize = sizeof(TCHAR) * (_tcslen(lpUser->lpszMailAddress) + 1);
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:132:28: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize = sizeof(TCHAR) * (_tcslen(TRANSPORT_ADDRESS_TYPE_ZARAFA) + 1);
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:275:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strBodyText+= convert_to<tstring>(szTime, strlen(szTime), CHARSET_CHAR);
data/kopanocore-8.7.0/provider/client/ClientUtil.cpp:288:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strBodyText+= convert_to<tstring>(szTime, strlen(szTime), CHARSET_CHAR);
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:209:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = (wcslen(lpszW) + 1) * sizeof(WCHAR);
data/kopanocore-8.7.0/provider/client/ECABContainer.cpp:226:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = (strlen(lpszA) + 1) * sizeof(CHAR);
data/kopanocore-8.7.0/provider/client/ECExchangeModifyTable.cpp:39:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str1252.reserve(strlen(szWTF1252));
data/kopanocore-8.7.0/provider/client/ECExchangeModifyTable.cpp:242:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sPropXML.Value.bin.cb = strlen(szXML.get());
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:415:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECMemStream::Create(lpsPropValue->Value.lpszA, strlen(lpsPropValue->Value.lpszA), ulInterfaceOptions,
data/kopanocore-8.7.0/provider/client/ECMAPIProp.cpp:420:63: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECMemStream::Create((char*)lpsPropValue->Value.lpszW, wcslen(lpsPropValue->Value.lpszW)*sizeof(WCHAR), ulInterfaceOptions,
data/kopanocore-8.7.0/provider/client/ECMessage.cpp:2045:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
copy.Value.bin.cb = strlen(lpData);
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:2105:28: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lpszContainerClass && _tcslen(lpszContainerClass) > 0) {
data/kopanocore-8.7.0/provider/client/ECMsgStore.cpp:2110:24: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECAllocateMore((_tcslen(lpszContainerClass) + 1) * sizeof(TCHAR), lpPropValue,
data/kopanocore-8.7.0/provider/client/ECNamedProp.cpp:392:24: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECAllocateMore(wcslen(lpSrc->Kind.lpwstrName) * sizeof(wchar_t) + sizeof(wchar_t),
data/kopanocore-8.7.0/provider/client/ECNamedProp.cpp:395:24: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECAllocateMore(wcslen(lpSrc->Kind.lpwstrName) * sizeof(wchar_t) + sizeof(wchar_t),
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:206:28: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ulNewSize = wcslen(lpsProp->Value.lpszW) + 1;
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:429:44: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (Value.MVszW.lppszW[i] == nullptr || wcslen(Value.MVszW.lppszW[i]) < wstrTmp.length()) {
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:466:44: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (Value.MVszW.lppszW[i] == nullptr || wcslen(Value.MVszW.lppszW[i]) < wcslen(lpsProp->Value.MVszW.lppszW[i])) {
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:466:76: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (Value.MVszW.lppszW[i] == nullptr || wcslen(Value.MVszW.lppszW[i]) < wcslen(lpsProp->Value.MVszW.lppszW[i])) {
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:468:41: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Value.MVszW.lppszW[i] = new wchar_t[wcslen(lpsProp->Value.MVszW.lppszW[i]) + sizeof(wchar_t)];
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:666:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECAllocateMore(sizeof(wchar_t) * (wcslen(Value.lpszW) + 1), lpBase, reinterpret_cast<void **>(&lpsProp->Value.lpszW));
data/kopanocore-8.7.0/provider/client/ECPropertyEntry.cpp:838:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = ECAllocateMore(sizeof(wchar_t) * (wcslen(Value.MVszW.lppszW[i]) + 1), lpBase, reinterpret_cast<void **>(&lpsProp->Value.MVszW.lppszW[i]));
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:1252:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLen = strlen(sReceiveFolders.sFolderArray.__ptr[i].lpszAExplicitClass)+1;
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3493:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulLen = strlen(sResponse.lpszServerPath) + 1;
data/kopanocore-8.7.0/provider/client/WSTransport.cpp:3853:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = MAPIAllocateBuffer(strlen(sResponse.szValue)+1, (void **)&szValue);
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:1953:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ulSize = lpsStoreId->__size+strlen(lpszServerName)+1-4;
data/kopanocore-8.7.0/provider/client/WSUtil.cpp:2069:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nLen = strlen(lpSrc->newmail->lpszMessageClass)+1;
data/kopanocore-8.7.0/provider/common/SOAPAlloc.h:42:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = s_alloc<char>(soap, strlen(str)+1);
data/kopanocore-8.7.0/provider/common/SOAPSock.cpp:29:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(endpoint) + strlen(soap->http_version) > sizeof(soap->tmpbuf) - 80
data/kopanocore-8.7.0/provider/common/SOAPSock.cpp:29:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(endpoint) + strlen(soap->http_version) > sizeof(soap->tmpbuf) - 80
data/kopanocore-8.7.0/provider/common/SOAPSock.cpp:30:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strlen(host) + strlen(soap->http_version) > sizeof(soap->tmpbuf) - 80)
data/kopanocore-8.7.0/provider/common/SOAPSock.cpp:30:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strlen(host) + strlen(soap->http_version) > sizeof(soap->tmpbuf) - 80)
data/kopanocore-8.7.0/provider/common/SOAPSock.cpp:66:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(socket_name) >= sizeof(saddr.sun_path))
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:671:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return lpProp->Value.lpszA ? strlen(lpProp->Value.lpszA) : 0;
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:693:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize += lpProp->Value.mvszA.__ptr[i] ? strlen(lpProp->Value.mvszA.__ptr[i]) : 0;
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:970:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = !bTruncate ? strlen(lpSrc->Value.lpszA) :
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:973:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lpDst->Value.lpszA, lpSrc->Value.lpszA, len);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1040:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lpDst->Value.mvszA.__ptr[i] = s_alloc<char>(soap, strlen(lpSrc->Value.mvszA.__ptr[i]) + 1);
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1042:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(lpDst->Value.mvszA.__ptr[i], "");
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:1393:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLen = (int)strlen(lpNotification->newmail->lpszMessageClass)+1;
data/kopanocore-8.7.0/provider/common/SOAPUtils.cpp:2061:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize += (unsigned int)strlen(lpNotification->newmail->lpszMessageClass)+1;
data/kopanocore-8.7.0/provider/include/kcore.hpp:119:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CbNewABEID(p) ((sizeof(ABEID) + strlen(p) + 4) / 4 * 4)
data/kopanocore-8.7.0/provider/include/kcore.hpp:172:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CbNewEID(p) ((sizeof(EID) + strlen(p) + 4) / 4 * 4)
data/kopanocore-8.7.0/provider/libserver/ECCacheManager.cpp:1873:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSize += p.second.Value.lpszA != nullptr ? strlen(p.second.Value.lpszA) : 0;
data/kopanocore-8.7.0/provider/libserver/ECGenProps.cpp:265:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t newlength = strlen(lpszColon);
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:1614:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchStringSize = (lpSearchString) ? strlen(lpSearchString) : 0;
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:1627:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchDataSize = (lpSearchData) ? strlen(lpSearchData) : 0;
data/kopanocore-8.7.0/provider/libserver/ECGenericObjectTable.cpp:1634:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulSearchDataSize = (lpSearchData) ? strlen(lpSearchData) : 0;
data/kopanocore-8.7.0/provider/libserver/ECServerEntrypoint.cpp:104:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(szProxy) > 0 && strcasecmp(key, szProxy) == 0)
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:973:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 0) {
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1273:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read(m_stderr, buffer, NTLMBUFFER-1);
data/kopanocore-8.7.0/provider/libserver/ECSession.cpp:1285:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read(m_stdout, buffer, NTLMBUFFER-1);
data/kopanocore-8.7.0/provider/libserver/ECStringCompat.cpp:21:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str1252.reserve(strlen(szWTF1252));
data/kopanocore-8.7.0/provider/libserver/ECStringCompat.cpp:40:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str1252.reserve(strlen(szWTF1252));
data/kopanocore-8.7.0/provider/libserver/ECUserManagement.cpp:991:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(szName) == 0)
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:228:56: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (size_t total = 0; total < nmemb * size; total += read) {
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:229:84: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
er = m_lpBuffer->Read(buffer, std::min(sizeof(buffer), (size * nmemb) - total), &read);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:703:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ulLen = strlen(sPropVal.Value.lpszA);
data/kopanocore-8.7.0/provider/libserver/StreamUtil.cpp:765:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ulLen = strlen(sPropVal.Value.mvszA.__ptr[x]);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:4131:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(lpszMessageClass) != 0)
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:4411:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!read)
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7405:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto newname = s_alloc<char>(soap, strlen(lpDBRow[0]) + 1);
data/kopanocore-8.7.0/provider/libserver/cmd.cpp:7406:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(newname, lpDBRow[0], strlen(lpDBRow[0]) + 1);
data/kopanocore-8.7.0/provider/libserver/cmdutil.cpp:1393:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lpsNames->__ptr[i].lpString = s_alloc<char>(soap, strlen(lpDBRow[1]) + 1);
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:156:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(lpDBRow[2], "0x", strlen("0x")) == 0) {
data/kopanocore-8.7.0/provider/plugins/DBBase.cpp:204:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(lpDBRow[0], "0x", strlen("0x")) == 0) {
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:471:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ldap_uri && strlen(ldap_uri))
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:1828:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcasecmp(se.szValue, att) != 0 || strncasecmp(se.szName, "0x", strlen("0x")) != 0)
data/kopanocore-8.7.0/provider/plugins/LDAPUserPlugin.cpp:2307:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(member_attr_rel == NULL || strlen(member_attr_rel) == 0)
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:76:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return password_check_crypt(password, strlen(password), crypted);
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:78:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return password_check_md5(password, strlen(password), crypted);
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:80:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return password_check_smd5(password, strlen(password), crypted);
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:82:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return password_check_ssha(password, strlen(password), crypted, false);
data/kopanocore-8.7.0/provider/plugins/ldappasswords.cpp:84:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return password_check_ssha(password, strlen(password), crypted, true);
data/kopanocore-8.7.0/provider/server/ECServer.cpp:1177:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (issuer && strlen(issuer) > 0) {
data/kopanocore-8.7.0/provider/server/ECThreadManager.cpp:465:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(m_fdRescanRead, s, sizeof(s));
data/kopanocore-8.7.0/spooler/DAgent.cpp:337:67: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(wcsncasecmp(lpProps[0].Value.lpszW, L"IPM.Schedule.Meeting.", wcslen(L"IPM.Schedule.Meeting.")) != 0)
data/kopanocore-8.7.0/spooler/DAgent.cpp:1183:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, lpMessageProps[0].Value.lpszA, strlen(lpMessageProps[0].Value.lpszA));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1216:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1220:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1226:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1234:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1243:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1254:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1264:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (WriteOrLogError(fd, szHeader, strlen(szHeader)) != hrSuccess)
data/kopanocore-8.7.0/spooler/DAgent.cpp:1268:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1273:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1278:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:1283:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = WriteOrLogError(fd, szHeader, strlen(szHeader));
data/kopanocore-8.7.0/spooler/DAgent.cpp:3476:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(S_IRWXG | S_IRWXO);
data/kopanocore-8.7.0/spooler/LMTP.cpp:55:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(strCommand.c_str(), "LHLO", strlen("LHLO")) == 0)
data/kopanocore-8.7.0/spooler/LMTP.cpp:57:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(strCommand.c_str(), "MAIL FROM:", strlen("MAIL FROM:")) == 0)
data/kopanocore-8.7.0/spooler/LMTP.cpp:59:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(strCommand.c_str(), "RCPT TO:", strlen("RCPT TO:")) == 0)
data/kopanocore-8.7.0/spooler/LMTP.cpp:61:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(strCommand.c_str(), "DATA", strlen("DATA")) == 0)
data/kopanocore-8.7.0/spooler/LMTP.cpp:63:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(strCommand.c_str(), "RSET", strlen("RSET")) == 0)
data/kopanocore-8.7.0/spooler/LMTP.cpp:65:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(strCommand.c_str(), "QUIT", strlen("QUIT")) == 0)
data/kopanocore-8.7.0/spooler/Spooler.cpp:1108:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(S_IRWXG | S_IRWXO);
data/kopanocore-8.7.0/spooler/mailer.cpp:154:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcslen(lpSMTPAddress->Value.lpszW) > 0)
data/kopanocore-8.7.0/spooler/rules.cpp:263:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = pos ? pos + strlen("<body") : strHTML.c_str();
data/kopanocore-8.7.0/swig/python/conversion.cpp:218:59: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Value.reset(PyUnicode_FromWideChar(lpProp->Value.lpszW, wcslen(lpProp->Value.lpszW)));
data/kopanocore-8.7.0/swig/python/conversion.cpp:311:14: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = wcslen(lpProp->Value.MVszW.lppszW[i]);
data/kopanocore-8.7.0/swig/python/conversion.cpp:1631:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Py_ssize_t strlen;
data/kopanocore-8.7.0/swig/python/conversion.cpp:1633:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PyString_AsStringAndSize(elem, &ptr, &strlen) == -1 ||
data/kopanocore-8.7.0/swig/python/conversion.cpp:1637:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lpEntryList->lpbin[i].cb = strlen;
data/kopanocore-8.7.0/swig/python/conversion.cpp:1638:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (KAllocCopy(ptr, strlen, reinterpret_cast<void **>(&lpEntryList->lpbin[i].lpb), lpEntryList) != hrSuccess)
data/kopanocore-8.7.0/swig/python/conversion.cpp:1950:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PyString_AsStringAndSize(elem, &ptr, &strlen) == -1 ||
data/kopanocore-8.7.0/swig/python/conversion.cpp:1954:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen != sizeof(*lpList)) {
data/kopanocore-8.7.0/swig/python/conversion.cpp:2080:54: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MVPropValue.reset(PyUnicode_FromWideChar(strval, wcslen(strval)));
data/kopanocore-8.7.0/swig/python/conversion.cpp:2425:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PyString_AsStringAndSize(elem, &ptr, &strlen) == -1 ||
data/kopanocore-8.7.0/swig/python/conversion.cpp:2428:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hr = KAllocCopy(ptr, strlen, reinterpret_cast<void **>(&lpSvrNameList->lpszaServer[lpSvrNameList->cServers]), lpSvrNameList);
ANALYSIS SUMMARY:
Hits = 1349
Lines analyzed = 236304 in approximately 10.86 seconds (21753 lines/second)
Physical Source Lines of Code (SLOC) = 175296
Hits@level = [0] 333 [1] 256 [2] 905 [3] 42 [4] 141 [5] 5
Hits@level+ = [0+] 1682 [1+] 1349 [2+] 1093 [3+] 188 [4+] 146 [5+] 5
Hits/KSLOC@level+ = [0+] 9.5952 [1+] 7.69555 [2+] 6.23517 [3+] 1.07247 [4+] 0.832877 [5+] 0.0285232
Symlinks skipped = 1 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.