Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libics-1.6.4/libics.h
Examining data/libics-1.6.4/libics_binary.c
Examining data/libics-1.6.4/libics_compress.c
Examining data/libics-1.6.4/libics_data.c
Examining data/libics-1.6.4/libics_gzip.c
Examining data/libics-1.6.4/libics_history.c
Examining data/libics-1.6.4/libics_intern.h
Examining data/libics-1.6.4/libics_ll.h
Examining data/libics-1.6.4/libics_preview.c
Examining data/libics-1.6.4/libics_read.c
Examining data/libics-1.6.4/libics_sensor.c
Examining data/libics-1.6.4/libics_sensor.h
Examining data/libics-1.6.4/libics_test.c
Examining data/libics-1.6.4/libics_test.h
Examining data/libics-1.6.4/libics_top.c
Examining data/libics-1.6.4/libics_util.c
Examining data/libics-1.6.4/libics_write.c
Examining data/libics-1.6.4/support/cpp_interface/libics.cpp
Examining data/libics-1.6.4/support/cpp_interface/libics.hpp
Examining data/libics-1.6.4/support/cpp_interface/test_history.cpp
Examining data/libics-1.6.4/support/cpp_interface/test_ics2a.cpp
Examining data/libics-1.6.4/support/cpp_interface/test_ics2b.cpp
Examining data/libics-1.6.4/support/cpp_interface/test_metadata.cpp
Examining data/libics-1.6.4/support/icsviewer/readics.c
Examining data/libics-1.6.4/support/icsviewer/resource.h
Examining data/libics-1.6.4/support/icsviewer/viewer.c
Examining data/libics-1.6.4/support/icsviewer/writedib.c
Examining data/libics-1.6.4/support/matlab/icsread.c
Examining data/libics-1.6.4/support/matlab/icswrite.c
Examining data/libics-1.6.4/test_compress.c
Examining data/libics-1.6.4/test_gzip.c
Examining data/libics-1.6.4/test_history.c
Examining data/libics-1.6.4/test_ics1.c
Examining data/libics-1.6.4/test_ics2a.c
Examining data/libics-1.6.4/test_ics2b.c
Examining data/libics-1.6.4/test_metadata.c
Examining data/libics-1.6.4/test_strides.c
Examining data/libics-1.6.4/test_strides2.c
Examining data/libics-1.6.4/test_strides3.c

FINAL RESULTS:

data/libics-1.6.4/libics.h:91:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define snprintf _snprintf
data/libics-1.6.4/libics.h:91:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define snprintf _snprintf
data/libics-1.6.4/libics_history.c:159:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(line, key); /* already tested length */
data/libics-1.6.4/libics_history.c:164:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, value);
data/libics-1.6.4/libics_history.c:514:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(line, key); /* already tested length */
data/libics-1.6.4/libics_history.c:517:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, value);
data/libics-1.6.4/libics_read.c:288:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(str, token);
data/libics-1.6.4/libics_read.c:292:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(str, token);
data/libics-1.6.4/libics_read.c:1043:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(icsStruct->imel.unit, unit[si]);
data/libics-1.6.4/libics_read.c:1048:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(icsStruct->dim[sj].order, order[si]);
data/libics-1.6.4/libics_read.c:1049:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(icsStruct->dim[sj].label, label[si]);
data/libics-1.6.4/libics_read.c:1050:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(icsStruct->dim[sj].unit, unit[si]);
data/libics-1.6.4/libics_top.c:192:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(filename, ics->filename);
data/libics-1.6.4/libics_top.c:264:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ics->dim[i].order, ICSKEY_ORDER[i]);
data/libics-1.6.4/libics_top.c:265:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ics->dim[i].label, ICSKEY_LABEL[i]);
data/libics-1.6.4/libics_top.c:784:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(units, ptr);
data/libics-1.6.4/libics_top.c:845:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ics->dim[dimension].unit, ICS_UNITS_UNDEFINED);
data/libics-1.6.4/libics_top.c:867:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(order, order_ptr);
data/libics-1.6.4/libics_top.c:870:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(label, label_ptr);
data/libics-1.6.4/libics_top.c:947:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(coord, ics->coord);
data/libics-1.6.4/libics_top.c:949:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(coord, ICS_COORD_VIDEO);
data/libics-1.6.4/libics_top.c:970:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ics->coord, ICS_COORD_VIDEO);
data/libics-1.6.4/libics_top.c:1028:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(units, ptr);
data/libics-1.6.4/libics_top.c:1084:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ics->imel.unit, ICS_UNITS_RELATIVE);
data/libics-1.6.4/libics_top.c:1102:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(sciltype, ics->scilType);
data/libics-1.6.4/libics_util.c:259:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(dest, ICSEXT);
data/libics-1.6.4/libics_util.c:294:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(dest, IDSEXT);
data/libics-1.6.4/libics_util.c:315:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(filename, FileName);
data/libics-1.6.4/libics_write.c:57:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(cPtr, G_Categories.list[i].name);
data/libics-1.6.4/libics_write.c:65:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(cPtr, G_SubCategories.list[i].name);
data/libics-1.6.4/libics_write.c:73:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(cPtr, G_SubSubCategories.list[i].name);
data/libics-1.6.4/libics_write.c:81:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(cPtr, G_Values.list[i].name);
data/libics-1.6.4/libics_write.c:100:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(line, tokenName);
data/libics-1.6.4/libics_write.c:118:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, tokenName);
data/libics-1.6.4/libics_write.c:136:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, tokenName);
data/libics-1.6.4/libics_write.c:155:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, tokenName);
data/libics-1.6.4/libics_write.c:157:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, index);
data/libics-1.6.4/libics_write.c:179:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, tokenName);
data/libics-1.6.4/libics_write.c:181:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, index1);
data/libics-1.6.4/libics_write.c:183:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, index2);
data/libics-1.6.4/libics_write.c:199:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(line, text);
data/libics-1.6.4/libics_write.c:215:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, text);
data/libics-1.6.4/libics_write.c:231:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, text);
data/libics-1.6.4/libics_write.c:248:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, intStr);
data/libics-1.6.4/libics_write.c:264:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, intStr);
data/libics-1.6.4/libics_write.c:284:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, dStr);
data/libics-1.6.4/libics_write.c:304:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(line, dStr);
data/libics-1.6.4/libics_write.c:460:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(icsStruct->coord, ICS_COORD_VIDEO);
data/libics-1.6.4/support/matlab/icsread.c:74:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf (errormessage, "Couldn't read the ICS header: %s", IcsGetErrorText (retval));
data/libics-1.6.4/support/matlab/icsread.c:136:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf (errormessage, "Couldn't read the image data: %s", IcsGetErrorText (retval));
data/libics-1.6.4/support/matlab/icsread.c:141:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf (errormessage, "Couldn't close the file pointer: %s", IcsGetErrorText (retval));
data/libics-1.6.4/support/matlab/icswrite.c:127:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf (errormessage, "Couldn't open the file for writing: %s", IcsGetErrorText (retval));
data/libics-1.6.4/support/matlab/icswrite.c:136:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf (errormessage, "Failed to set the data: %s", IcsGetErrorText (retval));
data/libics-1.6.4/support/matlab/icswrite.c:144:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf (errormessage, "Failed to create the ICS file: %s", IcsGetErrorText (retval));
data/libics-1.6.4/libics.h:158:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char order[ICS_STRLEN_TOKEN]; /* Order of this dimension */
data/libics-1.6.4/libics.h:159:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char label[ICS_STRLEN_TOKEN]; /* Label for this dimension */
data/libics-1.6.4/libics.h:160:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char unit[ICS_STRLEN_TOKEN]; /* Units for Origin and Scale */
data/libics-1.6.4/libics.h:174:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char unit[ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:258:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[ICS_MAXPATHLEN];
data/libics-1.6.4/libics.h:266:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char coord[ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:278:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char srcFile[ICS_MAXPATHLEN];
data/libics-1.6.4/libics.h:286:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char type[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:288:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char model[ICS_STRLEN_OTHER];
data/libics-1.6.4/libics.h:294:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char imagingDirection[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:336:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char description[ICS_MAX_LAMBDA][ICS_STRLEN_OTHER];
data/libics-1.6.4/libics.h:372:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char detectorMirror[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:375:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char detectorModel[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:378:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char detectorRedHist[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:381:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char stedDepletionMode[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:396:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char spimExcType[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:417:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char scatterModel[ICS_MAX_LAMBDA][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:430:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char scilType[ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics.h:554:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char key[ICS_STRLEN_TOKEN+1]; /* optional key this iterator looks for. */
data/libics-1.6.4/libics_binary.c:117:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[ICS_MAXPATHLEN];
data/libics-1.6.4/libics_binary.c:118:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char mode[3] = "wb";
data/libics-1.6.4/libics_binary.c:340:32: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static Ics_Error IcsReorderIds(char *buf,
data/libics-1.6.4/libics_binary.c:350:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char imel[ICS_MAX_IMEL_SIZE];
data/libics-1.6.4/libics_binary.c:386:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[ICS_MAXPATHLEN];
data/libics-1.6.4/libics_binary.c:401:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(filename, ".gz");
data/libics-1.6.4/libics_binary.c:405:21: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(filename + strlen(filename) - 3, ".Z");
data/libics-1.6.4/libics_compress.c:268:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(((unsigned char*)outBuffer) + outPos, stackPtr, i);
data/libics-1.6.4/libics_gzip.c:298:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(inBuf_ptr, data, (size_t)nBytes);
data/libics-1.6.4/libics_history.c:87:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char const seps[3] = {ICS_FIELD_SEP,ICS_EOL,'\0'};
data/libics-1.6.4/libics_history.c:388:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(key, buf, length);
data/libics-1.6.4/libics_read.c:55:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static int icsGetBitsParam(char order[ICS_MAXDIM+1][ICS_STRLEN_TOKEN],
data/libics-1.6.4/libics_read.c:169:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[ICS_LINE_LENGTH];
data/libics-1.6.4/libics_read.c:199:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[ICS_LINE_LENGTH];
data/libics-1.6.4/libics_read.c:245:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *token, buffer[ICS_LINE_LENGTH], *idx1, *idx2;
data/libics-1.6.4/libics_read.c:347:33: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    icsStruct->FIELD[i++] = atoi(ptr); \
data/libics-1.6.4/libics_read.c:391:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char seps[3], *ptr, *data;
data/libics-1.6.4/libics_read.c:392:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[ICS_LINE_LENGTH];
data/libics-1.6.4/libics_read.c:404:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char order[ICS_MAXDIM+1][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics_read.c:408:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char label[ICS_MAXDIM+1][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics_read.c:409:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char unit[ICS_MAXDIM+1][ICS_STRLEN_TOKEN];
data/libics-1.6.4/libics_read.c:477:42: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    parameters = atoi(ptr);
data/libics-1.6.4/libics_read.c:564:57: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    icsStruct->byteOrder[i++] = atoi(ptr);
data/libics-1.6.4/libics_read.c:644:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int v = atoi(ptr);
data/libics-1.6.4/libics_read.c:653:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int v = atoi(ptr);
data/libics-1.6.4/libics_read.c:722:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    detID = atoi(idx1);
data/libics-1.6.4/libics_read.c:747:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    detID = atoi(idx1);
data/libics-1.6.4/libics_read.c:775:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    detID = atoi(idx1);
data/libics-1.6.4/libics_read.c:1079:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char FileName[ICS_MAXPATHLEN];
data/libics-1.6.4/libics_read.c:1080:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char seps[3];
data/libics-1.6.4/libics_top.c:167:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[ICS_MAXPATHLEN+4];
data/libics-1.6.4/libics_top.c:193:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(filename, ".tmp");
data/libics-1.6.4/libics_top.c:475:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dest, buf + (unsigned)i * imelSize, imelSize);
data/libics-1.6.4/libics_top.c:592:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(out, buf + j * imelSize, imelSize); data/libics-1.6.4/libics_util.c:79:23: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). int n = MultiByteToWideChar(CP_UTF8, 0, path, -1, wpath, 0); data/libics-1.6.4/libics_util.c:85:10: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). if (!MultiByteToWideChar(CP_UTF8, 0, path, -1, wpath, n)) goto exit; data/libics-1.6.4/libics_util.c:86:10: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). if (!MultiByteToWideChar(CP_UTF8, 0, mode, -1, wmode, 8)) goto exit; data/libics-1.6.4/libics_util.c:96:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen(path, mode); data/libics-1.6.4/libics_util.c:132:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, nchar); data/libics-1.6.4/libics_util.c:308:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char FileName[ICS_MAXPATHLEN]; data/libics-1.6.4/libics_write.c:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tokenName[ICS_STRLEN_TOKEN]; data/libics-1.6.4/libics_write.c:111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tokenName[ICS_STRLEN_TOKEN]; data/libics-1.6.4/libics_write.c:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tokenName[ICS_STRLEN_TOKEN]; data/libics-1.6.4/libics_write.c:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tokenName[ICS_STRLEN_TOKEN]; data/libics-1.6.4/libics_write.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tokenName[ICS_STRLEN_TOKEN]; data/libics-1.6.4/libics_write.c:182:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(line, "]["); data/libics-1.6.4/libics_write.c:242:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intStr[ICS_STRLEN_OTHER]; data/libics-1.6.4/libics_write.c:245:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(intStr, "%ld%c", i, ICS_FIELD_SEP); data/libics-1.6.4/libics_write.c:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intStr[ICS_STRLEN_OTHER]; data/libics-1.6.4/libics_write.c:261:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(intStr, "%ld%c", i, ICS_EOL); data/libics-1.6.4/libics_write.c:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dStr[ICS_STRLEN_OTHER]; data/libics-1.6.4/libics_write.c:278:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dStr, "%f%c", d, ICS_FIELD_SEP); data/libics-1.6.4/libics_write.c:280:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(dStr, "%e%c", d, ICS_FIELD_SEP); data/libics-1.6.4/libics_write.c:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dStr[ICS_STRLEN_OTHER]; data/libics-1.6.4/libics_write.c:298:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dStr, "%f%c", d, ICS_EOL); data/libics-1.6.4/libics_write.c:300:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dStr, "%e%c", d, ICS_EOL); data/libics-1.6.4/libics_write.c:383:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:490:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:596:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:767:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:768:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tag[ICS_STRLEN_OTHER]; data/libics-1.6.4/libics_write.c:839:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%d", j); data/libics-1.6.4/libics_write.c:848:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%d", j); data/libics-1.6.4/libics_write.c:853:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%d", j); data/libics-1.6.4/libics_write.c:929:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:1000:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:1025:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:1045:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_write.c:1046:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ICS_MAXPATHLEN]; data/libics-1.6.4/support/icsviewer/readics.c:29:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "The file is not an ICS file."); data/libics-1.6.4/support/icsviewer/readics.c:32:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Unsupported compression method."); data/libics-1.6.4/support/icsviewer/readics.c:35:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Couldn't open the ICS file for reading."); data/libics-1.6.4/support/icsviewer/readics.c:38:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Couldn't allocate memory to read ICS file."); data/libics-1.6.4/support/icsviewer/readics.c:41:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Error reading ICS header."); data/libics-1.6.4/support/icsviewer/readics.c:79:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "The file is not an ICS file."); data/libics-1.6.4/support/icsviewer/readics.c:82:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (errortext, "Unsupported compression method."); data/libics-1.6.4/support/icsviewer/readics.c:85:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Couldn't open the ICS file for reading."); data/libics-1.6.4/support/icsviewer/readics.c:88:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Couldn't allocate memory to read ICS file."); data/libics-1.6.4/support/icsviewer/readics.c:91:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Error reading ICS header."); data/libics-1.6.4/support/icsviewer/readics.c:108:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Couldn't allocate memory for bitmap."); data/libics-1.6.4/support/icsviewer/readics.c:152:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Failed to open the data file."); data/libics-1.6.4/support/icsviewer/readics.c:158:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Failed reading the data file."); data/libics-1.6.4/support/icsviewer/readics.c:161:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Requested plane is outside the image."); data/libics-1.6.4/support/icsviewer/readics.c:164:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Unsupported pixel data type."); data/libics-1.6.4/support/icsviewer/readics.c:167:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Unsupported compression method."); data/libics-1.6.4/support/icsviewer/readics.c:170:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errortext, "Couldn't allocate memory to read ICS file."); data/libics-1.6.4/support/icsviewer/readics.c:173:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (errortext, "Unspecified error reading data."); data/libics-1.6.4/support/icsviewer/viewer.c:20:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errortext[300]; data/libics-1.6.4/support/icsviewer/viewer.c:21:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[300]; data/libics-1.6.4/support/icsviewer/viewer.c:174:19: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( ofn.lpstrFile, ".bmp" ); data/libics-1.6.4/support/icsviewer/writedib.c:23:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if( (fp = fopen( szFile, "wb" )) == 0 ) data/libics-1.6.4/support/matlab/icsread.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[ICS_MAXPATHLEN]; data/libics-1.6.4/support/matlab/icsread.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errormessage[2048]; data/libics-1.6.4/support/matlab/icswrite.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[ICS_MAXPATHLEN]; data/libics-1.6.4/support/matlab/icswrite.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errormessage[2048]; data/libics-1.6.4/test_history.c:10:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ICS_LINE_LENGTH]; data/libics-1.6.4/test_history.c:11:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[ICS_STRLEN_TOKEN]; data/libics-1.6.4/test_ics2a.c:15:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char datafile[ICS_MAXPATHLEN]; data/libics-1.6.4/test_metadata.c:18:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ICS_STRLEN_TOKEN]; data/libics-1.6.4/test_metadata.c:19:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[ICS_LINE_LENGTH]; data/libics-1.6.4/libics_binary.c:400:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) < ICS_MAXPATHLEN - 4) { data/libics-1.6.4/libics_binary.c:405:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(filename + strlen(filename) - 3, ".Z"); data/libics-1.6.4/libics_gzip.c:106:46: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). unsigned long int x = (unsigned long int)getc(file); data/libics-1.6.4/libics_gzip.c:107:30: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). x += ((unsigned long int)getc(file))<<8; data/libics-1.6.4/libics_gzip.c:108:30: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). x += ((unsigned long int)getc(file))<<16; data/libics-1.6.4/libics_gzip.c:109:30: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
x += ((unsigned long int)getc(file))<<24; data/libics-1.6.4/libics_gzip.c:404:10: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((getc(file) != gz_magic[0]) || (getc(file) != gz_magic[1])) data/libics-1.6.4/libics_gzip.c:404:41: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((getc(file) != gz_magic[0]) || (getc(file) != gz_magic[1])) data/libics-1.6.4/libics_gzip.c:406:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). method = getc(file); data/libics-1.6.4/libics_gzip.c:407:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). flags = getc(file); data/libics-1.6.4/libics_gzip.c:413:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = (uInt)getc(file); data/libics-1.6.4/libics_gzip.c:414:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len += ((uInt)getc(file)) << 8; data/libics-1.6.4/libics_gzip.c:420:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((c = getc(file)) != 0) && (c != EOF)); data/libics-1.6.4/libics_gzip.c:424:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((c = getc(file)) != 0) && (c != EOF)); data/libics-1.6.4/libics_history.c:114:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(key) + strlen(value) + 2; data/libics-1.6.4/libics_history.c:114:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(key) + strlen(value) + 2; data/libics-1.6.4/libics_history.c:116:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ICS_HISTORY) + len + 2 > ICS_LINE_LENGTH) data/libics-1.6.4/libics_history.c:208:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t nchar = strlen(it->key); data/libics-1.6.4/libics_history.c:244:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(it->key); data/libics-1.6.4/libics_history.c:496:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(key) + strlen(value) + 2; data/libics-1.6.4/libics_history.c:496:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(key) + strlen(value) + 2; data/libics-1.6.4/libics_history.c:498:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ICS_HISTORY) + len + 2 > ICS_LINE_LENGTH) data/libics-1.6.4/libics_read.c:88:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(fi); data/libics-1.6.4/libics_read.c:94:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(fi); data/libics-1.6.4/libics_read.c:132:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
sep1 = fgetc(fi); data/libics-1.6.4/libics_read.c:136:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sep2 = fgetc(fi); data/libics-1.6.4/libics_read.c:144:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sep3 = fgetc(fi); data/libics-1.6.4/libics_read.c:265:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (token[strlen(token) - 1] == ']') { data/libics-1.6.4/libics_read.c:614:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(ptr); data/libics-1.6.4/libics_read.c:619:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(ICS_HISTORY); data/libics-1.6.4/libics_read.c:620:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(data) + i + j + 4) > ICS_LINE_LENGTH) { data/libics-1.6.4/libics_read.c:1026:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(icsStruct->type[sj]) == 0) { data/libics-1.6.4/libics_top.c:99:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i<strlen(mode); i++) { data/libics-1.6.4/libics_util.c:130:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t nchar = strlen(src); data/libics-1.6.4/libics_util.c:142:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(line); data/libics-1.6.4/libics_util.c:183:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/libics-1.6.4/libics_util.c:258:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!forceName && strlen(dest) + strlen(ICSEXT) + 1 < ICS_MAXPATHLEN) { data/libics-1.6.4/libics_util.c:258:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!forceName && strlen(dest) + strlen(ICSEXT) + 1 < ICS_MAXPATHLEN) { data/libics-1.6.4/libics_util.c:293:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dest) + strlen(IDSEXT) + 1 < ICS_MAXPATHLEN) { data/libics-1.6.4/libics_util.c:293:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dest) + strlen(IDSEXT) + 1 < ICS_MAXPATHLEN) { data/libics-1.6.4/libics_write.c:116:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
    if (strlen(line) + strlen(tokenName) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:116:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:134:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:134:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:153:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index) + 4 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:153:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index) + 4 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:153:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index) + 4 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:156:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant character.
    strcat(line, "[");

data/libics-1.6.4/libics_write.c:158:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(line, "]");

data/libics-1.6.4/libics_write.c:176:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index1) + strlen(index2) +

data/libics-1.6.4/libics_write.c:176:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index1) + strlen(index2) +

data/libics-1.6.4/libics_write.c:176:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index1) + strlen(index2) +

data/libics-1.6.4/libics_write.c:176:61: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(tokenName) + strlen(index1) + strlen(index2) +

data/libics-1.6.4/libics_write.c:180:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(line, "[");

data/libics-1.6.4/libics_write.c:184:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(line, "]");

data/libics-1.6.4/libics_write.c:198:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(text) + 2 > ICS_LINE_LENGTH) return IcsErr_LineOverflow;

data/libics-1.6.4/libics_write.c:213:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(text) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:213:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(text) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:229:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(text) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:229:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(text) + 2 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:246:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(intStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:246:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(intStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:262:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(intStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:262:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(intStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:282:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(dStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:282:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(dStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:302:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(dStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/libics_write.c:302:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(line) + strlen(dStr) + 1 > ICS_LINE_LENGTH)

data/libics-1.6.4/support/cpp_interface/libics.cpp:326:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    coord.resize(std::strlen(&(coord[0])));

data/libics-1.6.4/support/cpp_interface/libics.cpp:436:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (std::strlen(str) == 0) {

data/libics-1.6.4/support/icsviewer/viewer.c:215:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    TextOut( hDC, 5, 5, text, strlen( text ) );

ANALYSIS SUMMARY:

Hits = 245
Lines analyzed = 12954 in approximately 0.51 seconds (25456 lines/second)
Physical Source Lines of Code (SLOC) = 9507
Hits@level = [0] 222 [1] 71 [2] 120 [3] 0 [4] 54 [5] 0
Hits@level+ = [0+] 467 [1+] 245 [2+] 174 [3+] 54 [4+] 54 [5+] 0
Hits/KSLOC@level+ = [0+] 49.1217 [1+] 25.7705 [2+] 18.3023 [3+] 5.68003 [4+] 5.68003 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.