Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/laszip-3.4.3/dll/laszip_api.c
Examining data/laszip-3.4.3/example/laszipdllexample.cpp
Examining data/laszip-3.4.3/example/laszippertest.cpp
Examining data/laszip-3.4.3/include/laszip/laszip_api.h
Examining data/laszip-3.4.3/src/arithmeticdecoder.cpp
Examining data/laszip-3.4.3/src/arithmeticdecoder.hpp
Examining data/laszip-3.4.3/src/arithmeticencoder.cpp
Examining data/laszip-3.4.3/src/arithmeticencoder.hpp
Examining data/laszip-3.4.3/src/arithmeticmodel.cpp
Examining data/laszip-3.4.3/src/arithmeticmodel.hpp
Examining data/laszip-3.4.3/src/bytestreamin.hpp
Examining data/laszip-3.4.3/src/bytestreamin_array.hpp
Examining data/laszip-3.4.3/src/bytestreamin_file.hpp
Examining data/laszip-3.4.3/src/bytestreamin_istream.hpp
Examining data/laszip-3.4.3/src/bytestreaminout.hpp
Examining data/laszip-3.4.3/src/bytestreaminout_file.hpp
Examining data/laszip-3.4.3/src/bytestreamout.hpp
Examining data/laszip-3.4.3/src/bytestreamout_array.hpp
Examining data/laszip-3.4.3/src/bytestreamout_file.hpp
Examining data/laszip-3.4.3/src/bytestreamout_nil.hpp
Examining data/laszip-3.4.3/src/bytestreamout_ostream.hpp
Examining data/laszip-3.4.3/src/endian.hpp
Examining data/laszip-3.4.3/src/integercompressor.cpp
Examining data/laszip-3.4.3/src/integercompressor.hpp
Examining data/laszip-3.4.3/src/lasattributer.hpp
Examining data/laszip-3.4.3/src/lasindex.cpp
Examining data/laszip-3.4.3/src/lasindex.hpp
Examining data/laszip-3.4.3/src/lasinterval.cpp
Examining data/laszip-3.4.3/src/lasinterval.hpp
Examining data/laszip-3.4.3/src/laspoint.hpp
Examining data/laszip-3.4.3/src/lasquadtree.cpp
Examining data/laszip-3.4.3/src/lasquadtree.hpp
Examining data/laszip-3.4.3/src/lasquantizer.hpp
Examining data/laszip-3.4.3/src/lasreaditem.hpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v1.hpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v2.hpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v3.hpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp
Examining data/laszip-3.4.3/src/lasreaditemcompressed_v4.hpp
Examining data/laszip-3.4.3/src/lasreaditemraw.hpp
Examining data/laszip-3.4.3/src/lasreadpoint.cpp
Examining data/laszip-3.4.3/src/lasreadpoint.hpp
Examining data/laszip-3.4.3/src/lasunzipper.cpp
Examining data/laszip-3.4.3/src/lasunzipper.hpp
Examining data/laszip-3.4.3/src/laswriteitem.hpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v1.hpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v2.hpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v3.hpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp
Examining data/laszip-3.4.3/src/laswriteitemcompressed_v4.hpp
Examining data/laszip-3.4.3/src/laswriteitemraw.hpp
Examining data/laszip-3.4.3/src/laswritepoint.cpp
Examining data/laszip-3.4.3/src/laswritepoint.hpp
Examining data/laszip-3.4.3/src/laszip.cpp
Examining data/laszip-3.4.3/src/laszip.hpp
Examining data/laszip-3.4.3/src/laszip_common_v1.hpp
Examining data/laszip-3.4.3/src/laszip_common_v2.hpp
Examining data/laszip-3.4.3/src/laszip_common_v3.hpp
Examining data/laszip-3.4.3/src/laszip_decompress_selective_v3.hpp
Examining data/laszip-3.4.3/src/laszip_dll.cpp
Examining data/laszip-3.4.3/src/laszipper.cpp
Examining data/laszip-3.4.3/src/laszipper.hpp
Examining data/laszip-3.4.3/src/mydefs.cpp
Examining data/laszip-3.4.3/src/mydefs.hpp
Examining data/laszip-3.4.3/unused/rangedecoder.cpp
Examining data/laszip-3.4.3/unused/rangedecoder.hpp
Examining data/laszip-3.4.3/unused/rangeencoder.cpp
Examining data/laszip-3.4.3/unused/rangeencoder.hpp
Examining data/laszip-3.4.3/unused/rangemodel.cpp
Examining data/laszip-3.4.3/unused/rangemodel.hpp

FINAL RESULTS:

data/laszip-3.4.3/example/laszippertest.cpp:250:3: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, args);
data/laszip-3.4.3/example/laszippertest.cpp:255:3: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(settings->logfile, format, args);
data/laszip-3.4.3/src/lasunzipper.cpp:121:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "%s (LASzip v%d.%dr%d)", error, LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION);
data/laszip-3.4.3/src/laszip.cpp:199:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "%s (LASzip v%d.%dr%d)", error, LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION);
data/laszip-3.4.3/src/laszip_dll.cpp:1386:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "cannot add attribute '%s' to attributer", name);
data/laszip-3.4.3/src/laszip_dll.cpp:1392:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "adding the new extra bytes VLR with the additional attribute '%s'", name);
data/laszip-3.4.3/src/laszip_dll.cpp:1598:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "cannot find VLR with user_id '%s' and record_id %d among the %u VLRs in the header", user_id, (I32)record_id, laszip_dll->header.number_of_variable_length_records);
data/laszip-3.4.3/src/laszip_dll.cpp:1604:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "cannot remove VLR with user_id '%s' and record_id %d because header has no VLRs", user_id, (I32)record_id);
data/laszip-3.4.3/src/laszip_dll.cpp:2102:15: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "cannot add unknown U8 attribute '%s' of %d to attributer", unknown_name, number_of_existing_extrabytes);
data/laszip-3.4.3/src/laszip_dll.cpp:2928:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "cannot open file '%s'", file_name);
data/laszip-3.4.3/src/laszip_dll.cpp:3015:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "internal error in laszip_open_writer '%s'", file_name);
data/laszip-3.4.3/src/laszip_dll.cpp:3340:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "writing LAX file to '%s'", laszip_dll->lax_file_name);
data/laszip-3.4.3/src/laszip_dll.cpp:3965:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "%s upgrade to the latest release of LASzip or contact 'martin.isenburg@rapidlasso.com' for assistance", laszip->get_error());
data/laszip-3.4.3/src/laszip_dll.cpp:4343:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(laszip_dll->error, "cannot open file '%s'", file_name);
data/laszip-3.4.3/src/laszipper.cpp:115:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "%s (LASzip v%d.%dr%d)", error, LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION);
data/laszip-3.4.3/dll/laszip_api.c:945:9: [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
  #define LoadLibrary dlopen
data/laszip-3.4.3/dll/laszip_api.c:961:22: [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
  laszip_HINSTANCE = LoadLibrary(TEXT("LASzip64.dll"));
data/laszip-3.4.3/dll/laszip_api.c:963:22: [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
  laszip_HINSTANCE = LoadLibrary(TEXT("LASzip.dll"));
data/laszip-3.4.3/dll/laszip_api.c:966:22: [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
  laszip_HINSTANCE = LoadLibrary("liblaszip.dylib", RTLD_NOW);
data/laszip-3.4.3/dll/laszip_api.c:968:22: [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
  laszip_HINSTANCE = LoadLibrary("liblaszip.so", RTLD_NOW);
data/laszip-3.4.3/example/laszippertest.cpp:218:39: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  Settings(unsigned int num_pts, bool random, bool use_stream) :
data/laszip-3.4.3/example/laszippertest.cpp:220:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  use_random(random),
data/laszip-3.4.3/example/laszippertest.cpp:323:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(settings->seed);
data/laszip-3.4.3/example/laszippertest.cpp:380:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(settings->seed);
data/laszip-3.4.3/example/laszippertest.cpp:456:7: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(i);
data/laszip-3.4.3/example/laszippertest.cpp:521:7: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(i);
data/laszip-3.4.3/example/laszippertest.cpp:600:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(settings->seed);
data/laszip-3.4.3/example/laszippertest.cpp:671:7: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(i);
data/laszip-3.4.3/example/laszipdllexample.cpp:160:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[256];
data/laszip-3.4.3/example/laszipdllexample.cpp:405:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(header_write->project_ID_GUID_data_4, header_read->project_ID_GUID_data_4, 8);
data/laszip-3.4.3/example/laszipdllexample.cpp:408:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(header_write->system_identifier, header_read->system_identifier, 32);
data/laszip-3.4.3/example/laszipdllexample.cpp:409:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(header_write->generating_software, header_read->generating_software, 32);
data/laszip-3.4.3/example/laszipdllexample.cpp:544:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->rgb, point_read->rgb, 8);
data/laszip-3.4.3/example/laszipdllexample.cpp:545:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->wave_packet, point_read->wave_packet, 29);
data/laszip-3.4.3/example/laszipdllexample.cpp:557:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->extra_bytes, point_read->extra_bytes, point_read->num_extra_bytes);
data/laszip-3.4.3/example/laszipdllexample.cpp:2531:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(header_write->project_ID_GUID_data_4, header_read->project_ID_GUID_data_4, 8);
data/laszip-3.4.3/example/laszipdllexample.cpp:2534:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(header_write->system_identifier, header_read->system_identifier, 32);
data/laszip-3.4.3/example/laszipdllexample.cpp:2535:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(header_write->generating_software, header_read->generating_software, 32);
data/laszip-3.4.3/example/laszipdllexample.cpp:2706:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->rgb, point_read->rgb, 8);
data/laszip-3.4.3/example/laszipdllexample.cpp:2717:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->extra_bytes, point_read->extra_bytes, point_read->num_extra_bytes);
data/laszip-3.4.3/example/laszipdllexample.cpp:3850:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->rgb, point_read->rgb, 8);
data/laszip-3.4.3/example/laszipdllexample.cpp:3870:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point_write->extra_bytes, point_read->extra_bytes, point_read->num_extra_bytes);
data/laszip-3.4.3/example/laszippertest.cpp:75:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ofb.open(filename, ios::out);
data/laszip-3.4.3/example/laszippertest.cpp:80:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  streamo->open(filename, std::ios::out | std::ios::binary );
data/laszip-3.4.3/example/laszippertest.cpp:85:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ofile = fopen(filename, "wb");
data/laszip-3.4.3/example/laszippertest.cpp:130:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ifb.open(filename, ios::in);
data/laszip-3.4.3/example/laszippertest.cpp:135:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  streami->open(filename, std::ios::in | std::ios::binary);
data/laszip-3.4.3/example/laszippertest.cpp:140:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ifile = fopen(filename, "rb");
data/laszip-3.4.3/example/laszippertest.cpp:223:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logfile = fopen("zippertest.log","w");
data/laszip-3.4.3/example/laszippertest.cpp:274:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  success = zipper->open(*ost->streamo, laszip);
data/laszip-3.4.3/example/laszippertest.cpp:276:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  success = zipper->open(ost->ofile, laszip);
data/laszip-3.4.3/example/laszippertest.cpp:297:25: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  success = unzipper->open(*ist->streami, laszip);
data/laszip-3.4.3/example/laszippertest.cpp:299:25: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  success = unzipper->open(ist->ifile, laszip);
data/laszip-3.4.3/example/laszippertest.cpp:821:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num_points = atoi(argv[i]);
data/laszip-3.4.3/example/laszippertest.cpp:838:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  user_seed = atoi(argv[i]);
data/laszip-3.4.3/src/bytestreamin_array.hpp:154:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)bytes, (void*)(data+curr), num_bytes);
data/laszip-3.4.3/src/bytestreamout_array.hpp:147:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)(data+curr), bytes, num_bytes);
data/laszip-3.4.3/src/lasattributer.hpp:384:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(this->attributes, attributes, sizeof(LASattribute)*number_attributes);
data/laszip-3.4.3/src/lasindex.cpp:350:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen(name, "rb");
data/laszip-3.4.3/src/lasindex.cpp:380:40: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  LASreader* lasreader = lasreadopener.open(file_name);
data/laszip-3.4.3/src/lasindex.cpp:393:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen(file_name, "rb");
data/laszip-3.4.3/src/lasindex.cpp:463:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(file_name, "rb+");
data/laszip-3.4.3/src/lasindex.cpp:472:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(lax_evlr.user_id, "LAStools");
data/laszip-3.4.3/src/lasindex.cpp:474:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(lax_evlr.description, "LAX spatial indexing (LASindex)");
data/laszip-3.4.3/src/lasindex.cpp:543:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen(name, "wb");
data/laszip-3.4.3/src/lasindex.cpp:575:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signature[4];
data/laszip-3.4.3/src/lasinterval.cpp:578:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signature[4];
data/laszip-3.4.3/src/laspoint.hpp:185:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(extra_bytes, other.extra_bytes, extra_bytes_number);
data/laszip-3.4.3/src/laspoint.hpp:213:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, &X, 14);
data/laszip-3.4.3/src/laspoint.hpp:220:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer+22, &gps_time, 8);
data/laszip-3.4.3/src/laspoint.hpp:224:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, &X, 20);
data/laszip-3.4.3/src/laspoint.hpp:230:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&buffer[b], point[i], items[i].size);
data/laszip-3.4.3/src/laspoint.hpp:239:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&X, buffer, 14);
data/laszip-3.4.3/src/laspoint.hpp:251:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&gps_time, buffer+22, 8);
data/laszip-3.4.3/src/laspoint.hpp:255:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&X, buffer, 20);
data/laszip-3.4.3/src/laspoint.hpp:261:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(point[i], &buffer[b], items[i].size);
data/laszip-3.4.3/src/laspoint.hpp:590:41: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  inline void set_RGB(const U16* rgb) { memcpy(this->rgb, rgb, sizeof(U16) * 3); };
data/laszip-3.4.3/src/laspoint.hpp:591:42: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  inline void set_RGBI(const U16* rgb) { memcpy(this->rgb, rgb, sizeof(U16) * 4); };
data/laszip-3.4.3/src/laspoint.hpp:672:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, extra_bytes + attributer->attribute_starts[index], attributer->attribute_sizes[index]);
data/laszip-3.4.3/src/laspoint.hpp:682:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(extra_bytes + attributer->attribute_starts[index], data, attributer->attribute_sizes[index]);
data/laszip-3.4.3/src/lasquadtree.cpp:589:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signature[4];
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:128:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 20);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:250:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, 20);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:401:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:420:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:483:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 28);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:523:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 28);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:561:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:572:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:128:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 20);
data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:237:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, 20);
data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:449:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:524:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:577:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:590:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:375:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, sizeof(LASpoint14));
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:992:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, sizeof(LASpoint14));
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1205:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1397:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1401:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1548:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 8);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1781:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1785:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1937:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 29);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:2093:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 29);
data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:2239:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, number);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:375:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, sizeof(LASpoint14));
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:992:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, sizeof(LASpoint14));
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1205:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1397:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1401:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1548:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 8);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1781:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1785:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(item, last_item, 6);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1937:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 29);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:2093:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 29);
data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:2239:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, number);
data/laszip-3.4.3/src/lasreadpoint.cpp:511:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_error, "end-of-file during chunk with index %u", current_chunk);
data/laszip-3.4.3/src/lasreadpoint.cpp:515:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_error, "end-of-file");
data/laszip-3.4.3/src/lasreadpoint.cpp:521:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_error, "chunk with index %u of %u is corrupt", current_chunk, tabled_chunks);
data/laszip-3.4.3/src/lasreadpoint.cpp:553:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_error, "chunk with index %u of %u is corrupt", current_chunk, tabled_chunks);
data/laszip-3.4.3/src/lasreadpoint.cpp:609:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_error, "compressor was interrupted before writing adaptive chunk table of LAZ file");
data/laszip-3.4.3/src/lasreadpoint.cpp:624:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_warning, "compressor was interrupted before writing chunk table of LAZ file");
data/laszip-3.4.3/src/lasreadpoint.cpp:754:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_warning, "chunk table is missing. improper use of LAZ compressor?");
data/laszip-3.4.3/src/lasreadpoint.cpp:759:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_warning, "chunk table and %I64d bytes are missing. LAZ file truncated during copy or transfer?", chunk_table_start_position - last_position);
data/laszip-3.4.3/src/lasreadpoint.cpp:761:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_warning, "chunk table and %lld bytes are missing. LAZ file truncated during copy or transfer?", chunk_table_start_position - last_position);
data/laszip-3.4.3/src/lasreadpoint.cpp:768:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(last_warning, "corrupt chunk table");
data/laszip-3.4.3/src/lasunzipper.cpp:40:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LASunzipper::open(FILE* infile, const LASzip* laszip)
data/laszip-3.4.3/src/lasunzipper.cpp:59:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LASunzipper::open(istream& instream, const LASzip* laszip)
data/laszip-3.4.3/src/lasunzipper.cpp:120:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/laszip-3.4.3/src/lasunzipper.hpp:55:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(FILE* file, const LASzip* laszip);
data/laszip-3.4.3/src/lasunzipper.hpp:56:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(istream& stream, const LASzip* laszip);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:127:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 20);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:254:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 20);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:450:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:469:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:533:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 28);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:584:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 28);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:623:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/laswriteitemcompressed_v1.cpp:634:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp:134:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 20);
data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp:229:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 20);
data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp:499:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp:551:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp:605:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/laswriteitemcompressed_v2.cpp:618:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, number);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:361:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, sizeof(LASpoint14));
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:745:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, sizeof(LASpoint14));
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:1206:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:1338:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:1497:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 8);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:1654:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 8);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:1828:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 29);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:1959:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 29);
data/laszip-3.4.3/src/laswriteitemcompressed_v3.cpp:2126:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, number);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:359:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, sizeof(LASpoint14));
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:743:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, sizeof(LASpoint14));
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:1204:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:1336:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 6);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:1495:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 8);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:1652:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 8);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:1826:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, 29);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:1957:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(last_item, item, 29);
data/laszip-3.4.3/src/laswriteitemcompressed_v4.cpp:2124:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contexts[context].last_item, item, number);
data/laszip-3.4.3/src/laszip.cpp:198:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/laszip-3.4.3/src/laszip.cpp:208:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error[64];
data/laszip-3.4.3/src/laszip.cpp:209:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(error, "compressor %d not supported", compressor);
data/laszip-3.4.3/src/laszip.cpp:216:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error[64];
data/laszip-3.4.3/src/laszip.cpp:217:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(error, "coder %d not supported", coder);
data/laszip-3.4.3/src/laszip.cpp:268:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error[64];
data/laszip-3.4.3/src/laszip.cpp:269:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(error, "item unknown (%d,%d,%d)", item->type, item->size, item->version);
data/laszip-3.4.3/src/laszip.cpp:290:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "point has size of %d but items only add up to %d bytes", point_size, size);
data/laszip-3.4.3/src/laszip.cpp:491:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error[64];
data/laszip-3.4.3/src/laszip.cpp:492:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(error, "point type %d unknown", point_type);
data/laszip-3.4.3/src/laszip_dll.cpp:240:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_get_error");
data/laszip-3.4.3/src/laszip_dll.cpp:263:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_get_warning");
data/laszip-3.4.3/src/laszip_dll.cpp:317:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot clean while reader is open.");
data/laszip-3.4.3/src/laszip_dll.cpp:323:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot clean while writer is open.");
data/laszip-3.4.3/src/laszip_dll.cpp:444:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->header.generating_software, "LASzip DLL %d.%d r%d (%d)", LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION, LASZIP_VERSION_BUILD_DATE);
data/laszip-3.4.3/src/laszip_dll.cpp:460:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_clean");
data/laszip-3.4.3/src/laszip_dll.cpp:505:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_header_struct pointer 'header_pointer' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:513:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_get_header_pointer");
data/laszip-3.4.3/src/laszip_dll.cpp:535:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_point_struct pointer 'point_pointer' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:543:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_get_point_pointer");
data/laszip-3.4.3/src/laszip_dll.cpp:565:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_I64 pointer 'count' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:571:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "getting count before reader or writer was opened");
data/laszip-3.4.3/src/laszip_dll.cpp:579:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_get_point_count");
data/laszip-3.4.3/src/laszip_dll.cpp:601:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_header_struct pointer 'header' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:607:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot set header after reader was opened");
data/laszip-3.4.3/src/laszip_dll.cpp:613:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot set header after writer was opened");
data/laszip-3.4.3/src/laszip_dll.cpp:634:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.project_ID_GUID_data_4, header->project_ID_GUID_data_4, 8);
data/laszip-3.4.3/src/laszip_dll.cpp:637:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.system_identifier, header->system_identifier, 32);
data/laszip-3.4.3/src/laszip_dll.cpp:638:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.generating_software, header->generating_software, 32);
data/laszip-3.4.3/src/laszip_dll.cpp:684:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "header->user_data_in_header_size is %d but header->user_data_in_header is NULL", header->user_data_in_header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:688:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.user_data_in_header, header->user_data_in_header, header->user_data_in_header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:709:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.vlrs[i].user_id, header->vlrs[i].user_id, 16);
data/laszip-3.4.3/src/laszip_dll.cpp:712:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.vlrs[i].description, header->vlrs[i].description, 32);
data/laszip-3.4.3/src/laszip_dll.cpp:717:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "header->vlrs[%d].record_length_after_header is %d but header->vlrs[%d].data is NULL", i, header->vlrs[i].record_length_after_header, i);
data/laszip-3.4.3/src/laszip_dll.cpp:721:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.vlrs[i].data, header->vlrs[i].data, header->vlrs[i].record_length_after_header);
data/laszip-3.4.3/src/laszip_dll.cpp:737:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot allocate LASattributer");
data/laszip-3.4.3/src/laszip_dll.cpp:756:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "header->user_data_after_header_size is %d but header->user_data_after_header is NULL", header->user_data_after_header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:760:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(laszip_dll->header.user_data_after_header, header->user_data_after_header, header->user_data_after_header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:765:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_set_header");
data/laszip-3.4.3/src/laszip_dll.cpp:788:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot set point format and point size after reader was opened");
data/laszip-3.4.3/src/laszip_dll.cpp:794:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "cannot set point format and point size after writer was opened");
data/laszip-3.4.3/src/laszip_dll.cpp:802:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "invalid combination of point_type %d and point_size %d", (I32)point_type, (I32)point_size);
data/laszip-3.4.3/src/laszip_dll.cpp:813:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_set_point_type_and_size");
data/laszip-3.4.3/src/laszip_dll.cpp:856:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "quantization sign flip for min_x from %g to %g. set scale factor for x coarser than %g\n", header->min_x, dequant_min_x, header->x_scale_factor);
data/laszip-3.4.3/src/laszip_dll.cpp:861:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "quantization sign flip for max_x from %g to %g. set scale factor for x coarser than %g\n", header->max_x, dequant_max_x, header->x_scale_factor);
data/laszip-3.4.3/src/laszip_dll.cpp:866:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "quantization sign flip for min_y from %g to %g. set scale factor for y coarser than %g\n", header->min_y, dequant_min_y, header->y_scale_factor);
data/laszip-3.4.3/src/laszip_dll.cpp:871:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "quantization sign flip for max_y from %g to %g. set scale factor for y coarser than %g\n", header->max_y, dequant_max_y, header->y_scale_factor);
data/laszip-3.4.3/src/laszip_dll.cpp:876:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "quantization sign flip for min_z from %g to %g. set scale factor for z coarser than %g\n", header->min_z, dequant_min_z, header->z_scale_factor);
data/laszip-3.4.3/src/laszip_dll.cpp:881:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "quantization sign flip for max_z from %g to %g. set scale factor for z coarser than %g\n", header->max_z, dequant_max_z, header->z_scale_factor);
data/laszip-3.4.3/src/laszip_dll.cpp:887:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_auto_offset");
data/laszip-3.4.3/src/laszip_dll.cpp:908:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(laszip_dll->error, "cannot auto offset after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:914:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot auto offset after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:930:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "invalid x scale_factor %g in header", header->x_scale_factor); data/laszip-3.4.3/src/laszip_dll.cpp:936:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "invalid y scale_factor %g in header", header->y_scale_factor); data/laszip-3.4.3/src/laszip_dll.cpp:942:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "invalid z scale_factor %g in header", header->z_scale_factor); data/laszip-3.4.3/src/laszip_dll.cpp:952:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "invalid x coordinate at center of bounding box (min: %g max: %g)", header->min_x, header->max_x); data/laszip-3.4.3/src/laszip_dll.cpp:958:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "invalid y coordinate at center of bounding box (min: %g max: %g)", header->min_y, header->max_y); data/laszip-3.4.3/src/laszip_dll.cpp:964:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "invalid z coordinate at center of bounding box (min: %g max: %g)", header->min_z, header->max_z); data/laszip-3.4.3/src/laszip_dll.cpp:986:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_auto_offset"); data/laszip-3.4.3/src/laszip_dll.cpp:1008:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_point_struct pointer 'point' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1014:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set point for reader"); data/laszip-3.4.3/src/laszip_dll.cpp:1018:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&laszip_dll->point, point, ((U8*)&(laszip_dll->point.extra_bytes)) - ((U8*)&(laszip_dll->point.X))); data/laszip-3.4.3/src/laszip_dll.cpp:1026:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(laszip_dll->point.extra_bytes, point->extra_bytes, laszip_dll->point.num_extra_bytes); data/laszip-3.4.3/src/laszip_dll.cpp:1030:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "target point has %d extra bytes but source point has %d", laszip_dll->point.num_extra_bytes, point->num_extra_bytes); data/laszip-3.4.3/src/laszip_dll.cpp:1036:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "target point has extra bytes but source point does not"); data/laszip-3.4.3/src/laszip_dll.cpp:1053:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_set_point"); data/laszip-3.4.3/src/laszip_dll.cpp:1075:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_F64 pointer 'coordinates' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1081:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set coordinates for reader"); data/laszip-3.4.3/src/laszip_dll.cpp:1101:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "internal error in laszip_set_coordinates"); data/laszip-3.4.3/src/laszip_dll.cpp:1123:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_F64 pointer 'coordinates' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1143:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_get_coordinates"); data/laszip-3.4.3/src/laszip_dll.cpp:1166:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "number of key_entries is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1172:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_geokey_struct pointer 'key_entries' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1178:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set geokeys after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1184:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set geokeys after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1193:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "allocating laszip_geokey_struct[%u] array", number+1); data/laszip-3.4.3/src/laszip_dll.cpp:1200:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(key_entries_plus_one + 1, key_entries, sizeof(laszip_geokey_struct)*number); data/laszip-3.4.3/src/laszip_dll.cpp:1206:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "setting %u geodouble_params", number); data/laszip-3.4.3/src/laszip_dll.cpp:1212:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_set_geokey_entries"); data/laszip-3.4.3/src/laszip_dll.cpp:1235:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "number of geodouble_params is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1241:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_F64 pointer 'geodouble_params' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1247:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set geodouble_params after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1253:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set geodouble_params after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1261:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "setting %u geodouble_params", number); data/laszip-3.4.3/src/laszip_dll.cpp:1267:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_set_geodouble_params"); data/laszip-3.4.3/src/laszip_dll.cpp:1290:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "number of geoascii_params is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1296:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_CHAR pointer 'geoascii_params' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1302:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot set geoascii_params after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1308:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "cannot set geoascii_params after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1316:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "setting %u geoascii_params", number); data/laszip-3.4.3/src/laszip_dll.cpp:1322:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_set_geoascii_params"); data/laszip-3.4.3/src/laszip_dll.cpp:1348:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_U32 'type' is %u but needs to be between %d and %d", type, LAS_ATTRIBUTE_U8, LAS_ATTRIBUTE_F64); data/laszip-3.4.3/src/laszip_dll.cpp:1354:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_CHAR pointer 'name' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1360:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot add attribute after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1366:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot add attribute after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1379:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot allocate LASattributer"); data/laszip-3.4.3/src/laszip_dll.cpp:1398:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_add_attribute"); data/laszip-3.4.3/src/laszip_dll.cpp:1424:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_CHAR pointer 'user_id' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1430:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "record_length_after_header of VLR is %u but data pointer is zero", (U32)record_length_after_header); data/laszip-3.4.3/src/laszip_dll.cpp:1436:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot add vlr after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1442:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot add vlr after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1476:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "reallocating vlrs[%u] array", laszip_dll->header.number_of_variable_length_records); data/laszip-3.4.3/src/laszip_dll.cpp:1488:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "allocating vlrs[1] array"); data/laszip-3.4.3/src/laszip_dll.cpp:1509:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->header.vlrs[i].description, "LASzip DLL %d.%d r%d (%d)", LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION, LASZIP_VERSION_BUILD_DATE); data/laszip-3.4.3/src/laszip_dll.cpp:1515:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(laszip_dll->header.vlrs[i].data, data, record_length_after_header); data/laszip-3.4.3/src/laszip_dll.cpp:1520:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_add_vlr"); data/laszip-3.4.3/src/laszip_dll.cpp:1543:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "laszip_CHAR pointer 'user_id' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:1549:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "cannot remove vlr after reader was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1555:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot remove vlr after writer was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:1583:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reallocating vlrs[%u] array", laszip_dll->header.number_of_variable_length_records); data/laszip-3.4.3/src/laszip_dll.cpp:1610:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_add_vlr"); data/laszip-3.4.3/src/laszip_dll.cpp:1632:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1638:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1646:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_preserve_generating_software"); data/laszip-3.4.3/src/laszip_dll.cpp:1669:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1675:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1688:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_request_native_extension"); data/laszip-3.4.3/src/laszip_dll.cpp:1710:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1716:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1729:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_request_compatibility_mode"); data/laszip-3.4.3/src/laszip_dll.cpp:1751:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1757:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1765:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_set_chunk_size"); data/laszip-3.4.3/src/laszip_dll.cpp:1788:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1794:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:1800:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "appending of spatial index not (yet) supported in this version"); data/laszip-3.4.3/src/laszip_dll.cpp:1809:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_create_spatial_index"); data/laszip-3.4.3/src/laszip_dll.cpp:1825:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "unknown LAS version %d.%d", (I32)laszip_dll->header.version_major, (I32)laszip_dll->header.version_minor); data/laszip-3.4.3/src/laszip_dll.cpp:1851:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "inconsistent number_of_point_records %u and extended_number_of_point_records %I64d", laszip_dll->header.number_of_point_records, laszip_dll->header.extended_number_of_point_records); data/laszip-3.4.3/src/laszip_dll.cpp:1853:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "inconsistent number_of_point_records %u and extended_number_of_point_records %llu", laszip_dll->header.number_of_point_records, laszip_dll->header.extended_number_of_point_records); data/laszip-3.4.3/src/laszip_dll.cpp:1869:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "inconsistent number_of_points_by_return[%u] %u and extended_number_of_points_by_return[%u] %I64d", i, laszip_dll->header.number_of_points_by_return[i], i, laszip_dll->header.extended_number_of_points_by_return[i]); data/laszip-3.4.3/src/laszip_dll.cpp:1871:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "inconsistent number_of_points_by_return[%u] %u and extended_number_of_points_by_return[%u] %llu", i, laszip_dll->header.number_of_points_by_return[i], i, laszip_dll->header.extended_number_of_points_by_return[i]); data/laszip-3.4.3/src/laszip_dll.cpp:1918:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "extended_number_of_point_records of %I64d is too much for 32-bit counters of compatibility mode", laszip_dll->header.extended_number_of_point_records); data/laszip-3.4.3/src/laszip_dll.cpp:1920:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "extended_number_of_point_records of %llu is too much for 32-bit counters of compatibility mode", laszip_dll->header.extended_number_of_point_records); data/laszip-3.4.3/src/laszip_dll.cpp:1955:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "unknown point_data_format %d", laszip_dll->header.point_data_format); data/laszip-3.4.3/src/laszip_dll.cpp:1961:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "bad point_data_format %d point_data_record_length %d combination", laszip_dll->header.point_data_format, laszip_dll->header.point_data_record_length); data/laszip-3.4.3/src/laszip_dll.cpp:2051:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "adding the compatibility VLR"); data/laszip-3.4.3/src/laszip_dll.cpp:2063:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot allocate LASattributer"); data/laszip-3.4.3/src/laszip_dll.cpp:2076:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "bad \"extra bytes\" VLR describes %d bytes more than points actually have", laszip_dll->attributer->get_attributes_size() - number_of_existing_extrabytes); data/laszip-3.4.3/src/laszip_dll.cpp:2098:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(unknown_name, "unknown %d", i); data/laszip-3.4.3/src/laszip_dll.cpp:2145:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "adding the extra bytes VLR with the additional attributes"); data/laszip-3.4.3/src/laszip_dll.cpp:2169:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "LASzip DLL %d.%d r%d (%d) cannot compress point data format %d without requesting 'compatibility mode'", LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION, LASZIP_VERSION_BUILD_DATE, (I32)laszip_dll->header.point_data_format); data/laszip-3.4.3/src/laszip_dll.cpp:2199:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "number_of_variable_length_records is %u but vlrs pointer is zero", laszip_dll->header.number_of_variable_length_records); data/laszip-3.4.3/src/laszip_dll.cpp:2210:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "vlrs[%u].record_length_after_header is %u but vlrs[%u].data pointer is zero", i, laszip_dll->header.vlrs[i].record_length_after_header, i); data/laszip-3.4.3/src/laszip_dll.cpp:2220:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error,"header_size (%u) plus vlrs_size (%u) plus user_data_after_header_size (%u) does not equal offset_to_point_data (%u)", (U32)laszip_dll->header.header_size, vlrs_size, laszip_dll->header.user_data_after_header_size, laszip_dll->header.offset_to_point_data); data/laszip-3.4.3/src/laszip_dll.cpp:2249:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing LASzip VLR header.reserved"); data/laszip-3.4.3/src/laszip_dll.cpp:2255:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing LASzip VLR header.user_id"); data/laszip-3.4.3/src/laszip_dll.cpp:2261:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing LASzip VLR header.record_id"); data/laszip-3.4.3/src/laszip_dll.cpp:2267:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing LASzip VLR header.record_length_after_header"); data/laszip-3.4.3/src/laszip_dll.cpp:2272:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(description, "LASzip DLL %d.%d r%d (%d)", LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION, LASZIP_VERSION_BUILD_DATE); data/laszip-3.4.3/src/laszip_dll.cpp:2275:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing LASzip VLR header.description"); data/laszip-3.4.3/src/laszip_dll.cpp:2309:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing compressor %d", (I32)laszip->compressor); data/laszip-3.4.3/src/laszip_dll.cpp:2314:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing coder %d", (I32)laszip->coder); data/laszip-3.4.3/src/laszip_dll.cpp:2319:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing version_major %d", (I32)laszip->version_major); data/laszip-3.4.3/src/laszip_dll.cpp:2324:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing version_minor %d", (I32)laszip->version_minor); data/laszip-3.4.3/src/laszip_dll.cpp:2329:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing version_revision %d", (I32)laszip->version_revision); data/laszip-3.4.3/src/laszip_dll.cpp:2334:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing options %u", laszip->options); data/laszip-3.4.3/src/laszip_dll.cpp:2339:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing chunk_size %u", laszip->chunk_size); data/laszip-3.4.3/src/laszip_dll.cpp:2344:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing number_of_special_evlrs %d", (I32)laszip->number_of_special_evlrs); data/laszip-3.4.3/src/laszip_dll.cpp:2349:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing offset_to_special_evlrs %d", (I32)laszip->offset_to_special_evlrs); data/laszip-3.4.3/src/laszip_dll.cpp:2354:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing num_items %d", (I32)laszip->num_items); data/laszip-3.4.3/src/laszip_dll.cpp:2364:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing type %d of item %d", (I32)laszip->items[j].type, j); data/laszip-3.4.3/src/laszip_dll.cpp:2369:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing size %d of item %d", (I32)laszip->items[j].size, j); data/laszip-3.4.3/src/laszip_dll.cpp:2374:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing version %d of item %d", (I32)laszip->items[j].version, j); data/laszip-3.4.3/src/laszip_dll.cpp:2393:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.file_signature"); data/laszip-3.4.3/src/laszip_dll.cpp:2398:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.file_source_ID"); data/laszip-3.4.3/src/laszip_dll.cpp:2403:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.global_encoding"); data/laszip-3.4.3/src/laszip_dll.cpp:2408:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.project_ID_GUID_data_1"); data/laszip-3.4.3/src/laszip_dll.cpp:2413:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.project_ID_GUID_data_2"); data/laszip-3.4.3/src/laszip_dll.cpp:2418:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.project_ID_GUID_data_3"); data/laszip-3.4.3/src/laszip_dll.cpp:2423:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.project_ID_GUID_data_4"); data/laszip-3.4.3/src/laszip_dll.cpp:2428:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.version_major"); data/laszip-3.4.3/src/laszip_dll.cpp:2433:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.version_minor"); data/laszip-3.4.3/src/laszip_dll.cpp:2438:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.system_identifier"); data/laszip-3.4.3/src/laszip_dll.cpp:2444:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->header.generating_software, "LASzip DLL %d.%d r%d (%d)", LASZIP_VERSION_MAJOR, LASZIP_VERSION_MINOR, LASZIP_VERSION_REVISION, LASZIP_VERSION_BUILD_DATE); data/laszip-3.4.3/src/laszip_dll.cpp:2448:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.generating_software"); data/laszip-3.4.3/src/laszip_dll.cpp:2453:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.file_creation_day"); data/laszip-3.4.3/src/laszip_dll.cpp:2458:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.file_creation_year"); data/laszip-3.4.3/src/laszip_dll.cpp:2463:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.header_size"); data/laszip-3.4.3/src/laszip_dll.cpp:2472:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.offset_to_point_data"); data/laszip-3.4.3/src/laszip_dll.cpp:2482:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing header.number_of_variable_length_records"); data/laszip-3.4.3/src/laszip_dll.cpp:2492:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.point_data_format"); data/laszip-3.4.3/src/laszip_dll.cpp:2501:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.point_data_record_length"); data/laszip-3.4.3/src/laszip_dll.cpp:2506:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.number_of_point_records"); data/laszip-3.4.3/src/laszip_dll.cpp:2513:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.number_of_points_by_return %d", i); data/laszip-3.4.3/src/laszip_dll.cpp:2519:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.x_scale_factor"); data/laszip-3.4.3/src/laszip_dll.cpp:2524:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.y_scale_factor"); data/laszip-3.4.3/src/laszip_dll.cpp:2529:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing header.z_scale_factor"); data/laszip-3.4.3/src/laszip_dll.cpp:2534:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.x_offset"); data/laszip-3.4.3/src/laszip_dll.cpp:2539:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.y_offset"); data/laszip-3.4.3/src/laszip_dll.cpp:2544:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.z_offset"); data/laszip-3.4.3/src/laszip_dll.cpp:2549:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.max_x"); data/laszip-3.4.3/src/laszip_dll.cpp:2554:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.min_x"); data/laszip-3.4.3/src/laszip_dll.cpp:2559:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.max_y"); data/laszip-3.4.3/src/laszip_dll.cpp:2564:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing header.min_y"); data/laszip-3.4.3/src/laszip_dll.cpp:2569:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.max_z"); data/laszip-3.4.3/src/laszip_dll.cpp:2574:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.min_z"); data/laszip-3.4.3/src/laszip_dll.cpp:2583:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "for LAS 1.%d header_size should at least be 235 but it is only %d", laszip_dll->header.version_minor, laszip_dll->header.header_size); data/laszip-3.4.3/src/laszip_dll.cpp:2591:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->warning, "header.start_of_waveform_data_packet_record is %I64d. writing 0 instead.", laszip_dll->header.start_of_waveform_data_packet_record); data/laszip-3.4.3/src/laszip_dll.cpp:2593:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->warning, "header.start_of_waveform_data_packet_record is %llu. writing 0 instead.", laszip_dll->header.start_of_waveform_data_packet_record); data/laszip-3.4.3/src/laszip_dll.cpp:2599:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing header.start_of_waveform_data_packet_record"); data/laszip-3.4.3/src/laszip_dll.cpp:2615:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "for LAS 1.%d header_size should at least be 375 but it is only %d", laszip_dll->header.version_minor, laszip_dll->header.header_size); data/laszip-3.4.3/src/laszip_dll.cpp:2622:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.start_of_first_extended_variable_length_record"); data/laszip-3.4.3/src/laszip_dll.cpp:2627:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.number_of_extended_variable_length_records"); data/laszip-3.4.3/src/laszip_dll.cpp:2632:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.extended_number_of_point_records"); data/laszip-3.4.3/src/laszip_dll.cpp:2639:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.extended_number_of_points_by_return[%d]", i); data/laszip-3.4.3/src/laszip_dll.cpp:2652:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing %d bytes of data into header.user_data_in_header", laszip_dll->header.user_data_in_header_size); data/laszip-3.4.3/src/laszip_dll.cpp:2669:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.vlrs[%d].reserved", i); data/laszip-3.4.3/src/laszip_dll.cpp:2675:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.vlrs[%d].user_id", i); data/laszip-3.4.3/src/laszip_dll.cpp:2680:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.vlrs[%d].record_id", i); data/laszip-3.4.3/src/laszip_dll.cpp:2685:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.vlrs[%d].record_length_after_header", i); data/laszip-3.4.3/src/laszip_dll.cpp:2690:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing header.vlrs[%d].description", i); data/laszip-3.4.3/src/laszip_dll.cpp:2700:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "writing %d bytes of data into header.vlrs[%d].data", laszip_dll->header.vlrs[i].record_length_after_header, i); data/laszip-3.4.3/src/laszip_dll.cpp:2730:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing %u bytes of data into header.user_data_after_header", laszip_dll->header.user_data_after_header_size); data/laszip-3.4.3/src/laszip_dll.cpp:2749:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "could not alloc LASwritePoint"); data/laszip-3.4.3/src/laszip_dll.cpp:2755:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "setup of LASwritePoint failed"); data/laszip-3.4.3/src/laszip_dll.cpp:2761:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "init of LASwritePoint failed"); data/laszip-3.4.3/src/laszip_dll.cpp:2783:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "requesting 'compatibility mode' has failed"); data/laszip-3.4.3/src/laszip_dll.cpp:2792:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "invalid combination of point_type %d and point_size %d", (I32)point_type, (I32)point_size); data/laszip-3.4.3/src/laszip_dll.cpp:2807:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "could not alloc point_items"); data/laszip-3.4.3/src/laszip_dll.cpp:2839:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "unknown LASitem type %d", (I32)laszip->items[i].type); data/laszip-3.4.3/src/laszip_dll.cpp:2850:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot compress point_type %d with point_size %d using native", (I32)point_type, (I32)point_size); data/laszip-3.4.3/src/laszip_dll.cpp:2858:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "cannot compress point_type %d with point_size %d", (I32)point_type, (I32)point_size); data/laszip-3.4.3/src/laszip_dll.cpp:2873:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "setting chunk size %d has failed", laszip_dll->set_chunk_size); data/laszip-3.4.3/src/laszip_dll.cpp:2900:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "laszip_CHAR pointer 'file_name' is zero"); data/laszip-3.4.3/src/laszip_dll.cpp:2906:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:2912:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:2923:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). laszip_dll->file = fopen(file_name, "wb"); data/laszip-3.4.3/src/laszip_dll.cpp:2934:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->warning, "setvbuf() failed with buffer size 262144\n"); data/laszip-3.4.3/src/laszip_dll.cpp:2946:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "could not alloc ByteStreamOutFile"); data/laszip-3.4.3/src/laszip_dll.cpp:3041:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "legacy flags and extended flags are not identical"); data/laszip-3.4.3/src/laszip_dll.cpp:3050:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "legacy classification %d and extended classification %d are not consistent", laszip_dll->point.classification, laszip_dll->point.extended_classification); data/laszip-3.4.3/src/laszip_dll.cpp:3137:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing point %I64d of %I64d total points", laszip_dll->p_count, laszip_dll->npoints); data/laszip-3.4.3/src/laszip_dll.cpp:3139:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing point %lld of %lld total points", laszip_dll->p_count, laszip_dll->npoints); data/laszip-3.4.3/src/laszip_dll.cpp:3148:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_write_point"); data/laszip-3.4.3/src/laszip_dll.cpp:3171:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing point %I64d of %I64d total points", laszip_dll->p_count, laszip_dll->npoints); data/laszip-3.4.3/src/laszip_dll.cpp:3173:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writing point %lld of %lld total points", laszip_dll->p_count, laszip_dll->npoints); data/laszip-3.4.3/src/laszip_dll.cpp:3185:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_write_indexed_point"); data/laszip-3.4.3/src/laszip_dll.cpp:3213:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_update_inventory"); data/laszip-3.4.3/src/laszip_dll.cpp:3234:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "closing writer before it was opened"); data/laszip-3.4.3/src/laszip_dll.cpp:3240:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "done of LASwritePoint failed"); data/laszip-3.4.3/src/laszip_dll.cpp:3259:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->number_of_point_records"); data/laszip-3.4.3/src/laszip_dll.cpp:3266:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->number_of_points_by_return[%d]\n", i); data/laszip-3.4.3/src/laszip_dll.cpp:3276:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->max_X"); data/laszip-3.4.3/src/laszip_dll.cpp:3282:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->min_X"); data/laszip-3.4.3/src/laszip_dll.cpp:3288:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->max_Y"); data/laszip-3.4.3/src/laszip_dll.cpp:3294:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->min_Y"); data/laszip-3.4.3/src/laszip_dll.cpp:3300:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->max_Z"); data/laszip-3.4.3/src/laszip_dll.cpp:3306:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->min_Z"); data/laszip-3.4.3/src/laszip_dll.cpp:3315:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "updating laszip_dll->inventory->extended_number_of_point_records"); data/laszip-3.4.3/src/laszip_dll.cpp:3323:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "updating laszip_dll->inventory->extended_number_of_points_by_return[%d]\n", i); data/laszip-3.4.3/src/laszip_dll.cpp:3362:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_writer_close"); data/laszip-3.4.3/src/laszip_dll.cpp:3384:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:3390:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:3398:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "internal error in laszip_exploit_spatial_index"); data/laszip-3.4.3/src/laszip_dll.cpp:3420:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reader is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:3426:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "writer is already open"); data/laszip-3.4.3/src/laszip_dll.cpp:3434:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(laszip_dll->error, "internal error in laszip_decompress_selective"); data/laszip-3.4.3/src/laszip_dll.cpp:3456:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reading header.file_signature"); data/laszip-3.4.3/src/laszip_dll.cpp:3461:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "wrong file_signature. not a LAS/LAZ file."); data/laszip-3.4.3/src/laszip_dll.cpp:3466:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reading header.file_source_ID"); data/laszip-3.4.3/src/laszip_dll.cpp:3471:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reading header.global_encoding"); data/laszip-3.4.3/src/laszip_dll.cpp:3476:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reading header.project_ID_GUID_data_1"); data/laszip-3.4.3/src/laszip_dll.cpp:3481:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(laszip_dll->error, "reading header.project_ID_GUID_data_2"); data/laszip-3.4.3/src/laszip_dll.cpp:3486:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
  sprintf(laszip_dll->error, "reading header.project_ID_GUID_data_3");
data/laszip-3.4.3/src/laszip_dll.cpp:3491:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.project_ID_GUID_data_4");
data/laszip-3.4.3/src/laszip_dll.cpp:3496:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.version_major");
data/laszip-3.4.3/src/laszip_dll.cpp:3501:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.version_minor");
data/laszip-3.4.3/src/laszip_dll.cpp:3506:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.system_identifier");
data/laszip-3.4.3/src/laszip_dll.cpp:3511:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.generating_software");
data/laszip-3.4.3/src/laszip_dll.cpp:3516:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.file_creation_day");
data/laszip-3.4.3/src/laszip_dll.cpp:3521:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.file_creation_year");
data/laszip-3.4.3/src/laszip_dll.cpp:3526:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.header_size");
data/laszip-3.4.3/src/laszip_dll.cpp:3531:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.offset_to_point_data");
data/laszip-3.4.3/src/laszip_dll.cpp:3536:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.number_of_variable_length_records");
data/laszip-3.4.3/src/laszip_dll.cpp:3541:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.point_data_format");
data/laszip-3.4.3/src/laszip_dll.cpp:3546:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.point_data_record_length");
data/laszip-3.4.3/src/laszip_dll.cpp:3551:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.number_of_point_records");
data/laszip-3.4.3/src/laszip_dll.cpp:3558:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.number_of_points_by_return %d", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3564:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.x_scale_factor");
data/laszip-3.4.3/src/laszip_dll.cpp:3569:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.y_scale_factor");
data/laszip-3.4.3/src/laszip_dll.cpp:3574:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.z_scale_factor");
data/laszip-3.4.3/src/laszip_dll.cpp:3579:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.x_offset");
data/laszip-3.4.3/src/laszip_dll.cpp:3584:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.y_offset");
data/laszip-3.4.3/src/laszip_dll.cpp:3589:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.z_offset");
data/laszip-3.4.3/src/laszip_dll.cpp:3594:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.max_x");
data/laszip-3.4.3/src/laszip_dll.cpp:3599:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.min_x");
data/laszip-3.4.3/src/laszip_dll.cpp:3604:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.max_y");
data/laszip-3.4.3/src/laszip_dll.cpp:3609:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.min_y");
data/laszip-3.4.3/src/laszip_dll.cpp:3614:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.max_z");
data/laszip-3.4.3/src/laszip_dll.cpp:3619:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.min_z");
data/laszip-3.4.3/src/laszip_dll.cpp:3628:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "for LAS 1.%d header_size should at least be 235 but it is only %d", laszip_dll->header.version_minor, laszip_dll->header.header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:3635:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.start_of_waveform_data_packet_record");
data/laszip-3.4.3/src/laszip_dll.cpp:3651:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "for LAS 1.%d header_size should at least be 375 but it is only %d", laszip_dll->header.version_minor, laszip_dll->header.header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:3658:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.start_of_first_extended_variable_length_record");
data/laszip-3.4.3/src/laszip_dll.cpp:3663:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.number_of_extended_variable_length_records");
data/laszip-3.4.3/src/laszip_dll.cpp:3668:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.extended_number_of_point_records");
data/laszip-3.4.3/src/laszip_dll.cpp:3675:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.extended_number_of_points_by_return[%d]", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3694:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading %u bytes of data into header.user_data_in_header", laszip_dll->header.user_data_in_header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:3712:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "allocating %u VLRs", laszip_dll->header.number_of_variable_length_records);
data/laszip-3.4.3/src/laszip_dll.cpp:3722:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->warning, "only %d bytes until point block after reading %d of %d vlrs. skipping remaining vlrs ...", (int)laszip_dll->header.offset_to_point_data - vlrs_size - laszip_dll->header.header_size, i, laszip_dll->header.number_of_variable_length_records);
data/laszip-3.4.3/src/laszip_dll.cpp:3731:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.vlrs[%u].reserved", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3737:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.vlrs[%u].user_id", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3742:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.vlrs[%u].record_id", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3747:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.vlrs[%u].record_length_after_header", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3752:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading header.vlrs[%u].description", i);
data/laszip-3.4.3/src/laszip_dll.cpp:3764:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->warning,"wrong header.vlrs[%d].reserved: %d != 0xAABB and %d != 0x0", i, laszip_dll->header.vlrs[i].reserved, laszip_dll->header.vlrs[i].reserved);
data/laszip-3.4.3/src/laszip_dll.cpp:3771:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->warning, "only %d bytes until point block when trying to read %d bytes into header.vlrs[%d].data", (int)laszip_dll->header.offset_to_point_data - vlrs_size - laszip_dll->header.header_size, laszip_dll->header.vlrs[i].record_length_after_header, i);
data/laszip-3.4.3/src/laszip_dll.cpp:3790:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc LASzip");
data/laszip-3.4.3/src/laszip_dll.cpp:3813:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading compressor %d", (I32)laszip->compressor);
data/laszip-3.4.3/src/laszip_dll.cpp:3818:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading coder %d", (I32)laszip->coder);
data/laszip-3.4.3/src/laszip_dll.cpp:3823:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading version_major %d", (I32)laszip->version_major);
data/laszip-3.4.3/src/laszip_dll.cpp:3828:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading version_minor %d", (I32)laszip->version_minor);
data/laszip-3.4.3/src/laszip_dll.cpp:3833:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading version_revision %d", (I32)laszip->version_revision);
data/laszip-3.4.3/src/laszip_dll.cpp:3838:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading options %u", laszip->options);
data/laszip-3.4.3/src/laszip_dll.cpp:3843:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading chunk_size %u", laszip->chunk_size);
data/laszip-3.4.3/src/laszip_dll.cpp:3848:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading number_of_special_evlrs %d", (I32)laszip->number_of_special_evlrs);
data/laszip-3.4.3/src/laszip_dll.cpp:3853:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading offset_to_special_evlrs %d", (I32)laszip->offset_to_special_evlrs);
data/laszip-3.4.3/src/laszip_dll.cpp:3858:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading num_items %d", (I32)laszip->num_items);
data/laszip-3.4.3/src/laszip_dll.cpp:3868:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading type of item %u", j);
data/laszip-3.4.3/src/laszip_dll.cpp:3874:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading size of item %u", j);
data/laszip-3.4.3/src/laszip_dll.cpp:3879:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading version of item %u", j);
data/laszip-3.4.3/src/laszip_dll.cpp:3890:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading %d bytes of data into header.vlrs[%u].data", (I32)laszip_dll->header.vlrs[i].record_length_after_header, i);
data/laszip-3.4.3/src/laszip_dll.cpp:3940:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading %u bytes of data into header.user_data_after_header", laszip_dll->header.user_data_after_header_size);
data/laszip-3.4.3/src/laszip_dll.cpp:3951:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "this file was compressed with an experimental version of LASzip. contact 'martin.isenburg@rapidlasso.com' for assistance");
data/laszip-3.4.3/src/laszip_dll.cpp:3976:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc LASzip");
data/laszip-3.4.3/src/laszip_dll.cpp:3981:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "invalid combination of point_data_format %d and point_data_record_length %d", (I32)laszip_dll->header.point_data_format, (I32)laszip_dll->header.point_data_record_length);
data/laszip-3.4.3/src/laszip_dll.cpp:3997:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc point_items");
data/laszip-3.4.3/src/laszip_dll.cpp:4029:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "unknown LASitem type %d", (I32)laszip->items[i].type);
data/laszip-3.4.3/src/laszip_dll.cpp:4158:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "removing the compatibility VLR");
data/laszip-3.4.3/src/laszip_dll.cpp:4176:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "rewriting the extra bytes VLR without 'LAS 1.4 compatibility mode' attributes");
data/laszip-3.4.3/src/laszip_dll.cpp:4184:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "removing the LAS 1.4 attribute VLR");
data/laszip-3.4.3/src/laszip_dll.cpp:4267:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc LASreadPoint");
data/laszip-3.4.3/src/laszip_dll.cpp:4273:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "setup of LASreadPoint failed");
data/laszip-3.4.3/src/laszip_dll.cpp:4279:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "init of LASreadPoint failed");
data/laszip-3.4.3/src/laszip_dll.cpp:4309:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_CHAR pointer 'file_name' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:4315:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_BOOL pointer 'is_compressed' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:4321:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "writer is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4327:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reader is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4338:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  laszip_dll->file = fopen(file_name, "rb");
data/laszip-3.4.3/src/laszip_dll.cpp:4349:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->warning, "setvbuf() failed with buffer size 262144\n");
data/laszip-3.4.3/src/laszip_dll.cpp:4359:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc ByteStreamInFile");
data/laszip-3.4.3/src/laszip_dll.cpp:4385:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_open_reader");
data/laszip-3.4.3/src/laszip_dll.cpp:4408:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_BOOL pointer 'is_indexed' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:4414:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reader is not open");
data/laszip-3.4.3/src/laszip_dll.cpp:4420:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "writer is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4426:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "exploiting of spatial indexing not enabled before opening reader");
data/laszip-3.4.3/src/laszip_dll.cpp:4451:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_have_spatial_index");
data/laszip-3.4.3/src/laszip_dll.cpp:4477:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reader is not open");
data/laszip-3.4.3/src/laszip_dll.cpp:4483:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_BOOL pointer 'is_empty' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:4489:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "exploiting of spatial indexing not enabled before opening reader");
data/laszip-3.4.3/src/laszip_dll.cpp:4525:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_inside_rectangle");
data/laszip-3.4.3/src/laszip_dll.cpp:4549:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "seeking from index %I64d to index %I64d for file with %I64d points", laszip_dll->p_count, index, laszip_dll->npoints);
data/laszip-3.4.3/src/laszip_dll.cpp:4551:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "seeking from index %lld to index %lld for file with %lld points", laszip_dll->p_count, index, laszip_dll->npoints);
data/laszip-3.4.3/src/laszip_dll.cpp:4559:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_seek_point");
data/laszip-3.4.3/src/laszip_dll.cpp:4582:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading point %I64d of %I64d total points", laszip_dll->p_count, laszip_dll->npoints);
data/laszip-3.4.3/src/laszip_dll.cpp:4584:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading point %lld of %lld total points", laszip_dll->p_count, laszip_dll->npoints);
data/laszip-3.4.3/src/laszip_dll.cpp:4634:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_read_point");
data/laszip-3.4.3/src/laszip_dll.cpp:4692:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading point %I64d of %I64d total points", laszip_dll->p_count, laszip_dll->npoints);
data/laszip-3.4.3/src/laszip_dll.cpp:4694:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reading point %lld of %lld total points", laszip_dll->p_count, laszip_dll->npoints);
data/laszip-3.4.3/src/laszip_dll.cpp:4703:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_read_inside_point");
data/laszip-3.4.3/src/laszip_dll.cpp:4723:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "closing reader before it was opened");
data/laszip-3.4.3/src/laszip_dll.cpp:4729:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "done of LASreadPoint failed");
data/laszip-3.4.3/src/laszip_dll.cpp:4756:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_close_reader");
data/laszip-3.4.3/src/laszip_dll.cpp:4781:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "laszip_BOOL pointer 'is_compressed' is zero");
data/laszip-3.4.3/src/laszip_dll.cpp:4787:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "writer is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4793:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reader is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4806:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc ByteStreamInIstream");
data/laszip-3.4.3/src/laszip_dll.cpp:4814:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_open_reader");
data/laszip-3.4.3/src/laszip_dll.cpp:4839:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "writer is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4845:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "reader is already open");
data/laszip-3.4.3/src/laszip_dll.cpp:4858:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc ByteStreamOutOstream");
data/laszip-3.4.3/src/laszip_dll.cpp:4917:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "internal error in laszip_open_writer_stream.");
data/laszip-3.4.3/src/laszip_dll.cpp:4952:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(laszip_dll->error, "could not alloc ByteStreamOutArray");
data/laszip-3.4.3/src/laszip_dll.cpp:4969:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(*vlr, out->getData(), out->getSize()); data/laszip-3.4.3/src/laszipper.cpp:40:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool LASzipper::open(FILE* outfile, const LASzip* laszip) data/laszip-3.4.3/src/laszipper.cpp:59:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool LASzipper::open(ostream& outstream, const LASzip* laszip) data/laszip-3.4.3/src/laszipper.cpp:114:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err[256]; data/laszip-3.4.3/src/laszipper.hpp:56:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(FILE* outfile, const LASzip* laszip); data/laszip-3.4.3/src/laszipper.hpp:57:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(ostream& outstream, const LASzip* laszip); data/laszip-3.4.3/src/mydefs.cpp:38:13: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). 
int len = MultiByteToWideChar(CP_UTF8, 0, utf8, -1, 0, 0); data/laszip-3.4.3/src/mydefs.cpp:42:5: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). MultiByteToWideChar(CP_UTF8, 0, utf8, -1, utf16, len); data/laszip-3.4.3/example/laszipdllexample.cpp:72:5: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/laszip-3.4.3/example/laszipdllexample.cpp:99:5: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/laszip-3.4.3/example/laszipdllexample.cpp:163:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file_name[strlen(file_name)-1] = '\0'; data/laszip-3.4.3/example/laszipdllexample.cpp:166:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file_name[strlen(file_name)-1] = '\0'; data/laszip-3.4.3/example/laszipdllexample.cpp:638:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(header->system_identifier, "LASzip DLL example 3", 32); data/laszip-3.4.3/example/laszipdllexample.cpp:1320:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(header->system_identifier, "LASzip DLL example 6", 32); data/laszip-3.4.3/example/laszipdllexample.cpp:1617:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. 
strncpy(header->system_identifier, "LASzip DLL example 7", 32); data/laszip-3.4.3/example/laszipdllexample.cpp:2097:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(header->system_identifier, "LASzip DLL example 9", 32); data/laszip-3.4.3/example/laszipdllexample.cpp:2798:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(header->system_identifier, "LASzip DLL example 7", 32); data/laszip-3.4.3/example/laszipdllexample.cpp:3737:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(header_write->system_identifier, "LASzip DLL example 15", 32); data/laszip-3.4.3/example/laszipdllexample.cpp:3951:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(header->system_identifier, "LASzip DLL example 16", 32); data/laszip-3.4.3/example/laszippertest.cpp:384:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). unzipper->read(data.point); data/laszip-3.4.3/example/laszippertest.cpp:403:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). unzipper->read(data.point); data/laszip-3.4.3/example/laszippertest.cpp:427:5: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/laszip-3.4.3/example/laszippertest.cpp:520:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
unzipper->read(data.point); data/laszip-3.4.3/example/laszippertest.cpp:549:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). unzipper->read(data.point); data/laszip-3.4.3/example/laszippertest.cpp:574:5: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/laszip-3.4.3/src/bytestreamin_file.hpp:114:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int byte = getc(file); data/laszip-3.4.3/src/bytestreamin_istream.hpp:126:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stream.read((char*)bytes, num_bytes); data/laszip-3.4.3/src/lasattributer.hpp:79:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(this->name, name, 32); data/laszip-3.4.3/src/lasattributer.hpp:80:22: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). if (description) strncpy(this->description, description, 32); data/laszip-3.4.3/src/lasindex.cpp:293:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL LASindex::read(FILE* file) data/laszip-3.4.3/src/lasindex.cpp:301:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!read(stream)) data/laszip-3.4.3/src/lasindex.cpp:327:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL LASindex::read(const char* file_name) data/laszip-3.4.3/src/lasindex.cpp:333:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
name[strlen(name)-1] = 'x'; data/laszip-3.4.3/src/lasindex.cpp:337:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-1] = 'X'; data/laszip-3.4.3/src/lasindex.cpp:341:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-3] = 'l'; data/laszip-3.4.3/src/lasindex.cpp:342:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-2] = 'a'; data/laszip-3.4.3/src/lasindex.cpp:343:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-1] = 'x'; data/laszip-3.4.3/src/lasindex.cpp:357:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!read(file)) data/laszip-3.4.3/src/lasindex.cpp:526:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-1] = 'x'; data/laszip-3.4.3/src/lasindex.cpp:530:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-1] = 'X'; data/laszip-3.4.3/src/lasindex.cpp:534:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
name[strlen(name)-3] = 'l'; data/laszip-3.4.3/src/lasindex.cpp:535:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-2] = 'a'; data/laszip-3.4.3/src/lasindex.cpp:536:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)-1] = 'x'; data/laszip-3.4.3/src/lasindex.cpp:563:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL LASindex::read(ByteStreamIn* stream) data/laszip-3.4.3/src/lasindex.cpp:594:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!spatial->read(stream)) data/laszip-3.4.3/src/lasindex.cpp:601:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!interval->read(stream)) data/laszip-3.4.3/src/lasindex.hpp:68:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL read(FILE* file); data/laszip-3.4.3/src/lasindex.hpp:70:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL read(const char* file_name); data/laszip-3.4.3/src/lasindex.hpp:73:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL read(ByteStreamIn* stream); data/laszip-3.4.3/src/lasinterval.cpp:576:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL LASinterval::read(ByteStreamIn* stream) data/laszip-3.4.3/src/lasinterval.hpp:85:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
BOOL read(ByteStreamIn* stream); data/laszip-3.4.3/src/lasquadtree.cpp:577:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL LASquadtree::read(ByteStreamIn* stream) data/laszip-3.4.3/src/lasquadtree.hpp:52:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL read(ByteStreamIn* stream); data/laszip-3.4.3/src/lasreaditem.hpp:44:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(U8* item, U32& context)=0; data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:133:47: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_POINT10_v1::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:295:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_GPSTIME11_v1::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:405:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_RGB12_v1::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:487:52: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_WAVEPACKET13_v1::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v1.cpp:565:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_BYTE_v1::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v1.hpp:48:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v1.hpp:78:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v1.hpp:100:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v1.hpp:119:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v1.hpp:144:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:137:47: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_POINT10_v2::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:297:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_GPSTIME11_v2::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:322:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(item, context); data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:396:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(item, context); data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:453:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
inline void LASreadItemCompressed_RGB12_v2::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v2.cpp:581:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_BYTE_v2::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v2.hpp:49:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v2.hpp:80:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v2.hpp:103:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v2.hpp:127:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is unused data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:706:47: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_POINT14_v3::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1306:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_RGB14_v3::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:1686:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
inline void LASreadItemCompressed_RGBNIR14_v3::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:2038:52: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_WAVEPACKET14_v3::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v3.cpp:2378:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_BYTE14_v3::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v3.hpp:53:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is set data/laszip-3.4.3/src/lasreaditemcompressed_v3.hpp:129:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v3.hpp:166:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v3.hpp:208:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v3.hpp:245:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:706:47: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
inline void LASreadItemCompressed_POINT14_v4::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1306:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_RGB14_v4::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:1686:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_RGBNIR14_v4::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:2038:52: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_WAVEPACKET14_v4::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v4.cpp:2378:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void LASreadItemCompressed_BYTE14_v4::read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemcompressed_v4.hpp:54:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is set data/laszip-3.4.3/src/lasreaditemcompressed_v4.hpp:130:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v4.hpp:167:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v4.hpp:209:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemcompressed_v4.hpp:246:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(U8* item, U32& context); // context is only read data/laszip-3.4.3/src/lasreaditemraw.hpp:44:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:54:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:72:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:82:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:95:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:105:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:120:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:130:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:152:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:213:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:267:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:321:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreaditemraw.hpp:331:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline void read(U8* item, U32& context) data/laszip-3.4.3/src/lasreadpoint.cpp:391:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(seek_point); data/laszip-3.4.3/src/lasreadpoint.cpp:405:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOL LASreadPoint::read(U8* const * point) data/laszip-3.4.3/src/lasreadpoint.cpp:455:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). readers[i]->read(point[i], context); data/laszip-3.4.3/src/lasreadpoint.cpp:462:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). readers_raw[i]->read(point[i], context); data/laszip-3.4.3/src/lasreadpoint.cpp:497:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). readers[i]->read(point[i], context); data/laszip-3.4.3/src/lasreadpoint.hpp:66:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
BOOL read(U8* const * point); data/laszip-3.4.3/src/lasunzipper.cpp:89:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool LASunzipper::read(unsigned char * const * point) data/laszip-3.4.3/src/lasunzipper.cpp:92:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return (reader->read(point) == TRUE); data/laszip-3.4.3/src/lasunzipper.hpp:60:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(unsigned char * const * point); data/laszip-3.4.3/src/laszip_dll.cpp:1500:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(laszip_dll->header.vlrs[i].user_id, user_id, 16); data/laszip-3.4.3/src/laszip_dll.cpp:1505:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(laszip_dll->header.vlrs[i].description, description, 32); data/laszip-3.4.3/src/laszip_dll.cpp:4376:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!laszip_dll->lax_index->read(file_name)) data/laszip-3.4.3/src/laszip_dll.cpp:4579:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!laszip_dll->reader->read(laszip_dll->point_items)) data/laszip-3.4.3/src/laszip_dll.cpp:4662:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (laszip_dll->reader->read(laszip_dll->point_items)) data/laszip-3.4.3/src/laszip_dll.cpp:4676:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while (laszip_dll->reader->read(laszip_dll->point_items))

ANALYSIS SUMMARY:

Hits = 660
Lines analyzed = 40569 in approximately 1.10 seconds (36756 lines/second)
Physical Source Lines of Code (SLOC) = 29116
Hits@level = [0] 517 [1] 114 [2] 518 [3] 13 [4] 15 [5] 0
Hits@level+ = [0+] 1177 [1+] 660 [2+] 546 [3+] 28 [4+] 15 [5+] 0
Hits/KSLOC@level+ = [0+] 40.4245 [1+] 22.6679 [2+] 18.7526 [3+] 0.961671 [4+] 0.515181 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.