Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libopendbx-1.4.6/test/odbx-regression.c
Examining data/libopendbx-1.4.6/test/odbx-regression.h
Examining data/libopendbx-1.4.6/test/odbxplus-regression.cpp
Examining data/libopendbx-1.4.6/lib/odbxlib.h
Examining data/libopendbx-1.4.6/lib/odbx_impl.hpp
Examining data/libopendbx-1.4.6/lib/odbx.cpp
Examining data/libopendbx-1.4.6/lib/odbxdrv.h
Examining data/libopendbx-1.4.6/lib/odbx.h
Examining data/libopendbx-1.4.6/lib/odbx_iface.hpp
Examining data/libopendbx-1.4.6/lib/odbx_impl.cpp
Examining data/libopendbx-1.4.6/lib/odbx.c
Examining data/libopendbx-1.4.6/lib/odbxlib.c
Examining data/libopendbx-1.4.6/lib/opendbx/api.h
Examining data/libopendbx-1.4.6/backends/sqlite/sqlitebackend.h
Examining data/libopendbx-1.4.6/backends/sqlite/sqlitebackend.c
Examining data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.h
Examining data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c
Examining data/libopendbx-1.4.6/backends/firebird/firebirdbackend.c
Examining data/libopendbx-1.4.6/backends/firebird/firebird_basic.c
Examining data/libopendbx-1.4.6/backends/firebird/firebird_lo.h
Examining data/libopendbx-1.4.6/backends/firebird/firebird_lo.c
Examining data/libopendbx-1.4.6/backends/firebird/firebirdbackend.h
Examining data/libopendbx-1.4.6/backends/firebird/firebird_basic.h
Examining data/libopendbx-1.4.6/backends/mssql/mssqlbackend.h
Examining data/libopendbx-1.4.6/backends/mssql/mssql_basic.c
Examining data/libopendbx-1.4.6/backends/mssql/mssql_basic.h
Examining data/libopendbx-1.4.6/backends/mssql/mssqlbackend.c
Examining data/libopendbx-1.4.6/backends/pgsql/pgsqlbackend.c
Examining data/libopendbx-1.4.6/backends/pgsql/pgsql_basic.c
Examining data/libopendbx-1.4.6/backends/pgsql/pgsqlbackend.h
Examining data/libopendbx-1.4.6/backends/pgsql/pgsql_basic.h
Examining data/libopendbx-1.4.6/backends/oracle/oraclebackend.c
Examining data/libopendbx-1.4.6/backends/oracle/oracle_lo.c
Examining data/libopendbx-1.4.6/backends/oracle/oracle_basic.h
Examining data/libopendbx-1.4.6/backends/oracle/oracle_basic.c
Examining data/libopendbx-1.4.6/backends/oracle/oracle_lo.h
Examining data/libopendbx-1.4.6/backends/oracle/oraclebackend.h
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3backend.c
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.h
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3backend.h
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c
Examining data/libopendbx-1.4.6/backends/sybase/sybase_basic.c
Examining data/libopendbx-1.4.6/backends/sybase/sybase_basic.h
Examining data/libopendbx-1.4.6/backends/sybase/sybasebackend.h
Examining data/libopendbx-1.4.6/backends/sybase/sybasebackend.c
Examining data/libopendbx-1.4.6/backends/odbc/odbcbackend.c
Examining data/libopendbx-1.4.6/backends/odbc/odbcbackend.h
Examining data/libopendbx-1.4.6/backends/odbc/odbc_basic.c
Examining data/libopendbx-1.4.6/backends/odbc/odbc_basic.h
Examining data/libopendbx-1.4.6/backends/mysql/mysqlbackend.h
Examining data/libopendbx-1.4.6/backends/mysql/mysqlbackend.c
Examining data/libopendbx-1.4.6/backends/mysql/mysql_basic.h
Examining data/libopendbx-1.4.6/backends/mysql/mysql_basic.c
Examining data/libopendbx-1.4.6/utils/completion.cpp
Examining data/libopendbx-1.4.6/utils/odbx-sql.hpp
Examining data/libopendbx-1.4.6/utils/argmap.hpp
Examining data/libopendbx-1.4.6/utils/odbx-sql.cpp
Examining data/libopendbx-1.4.6/utils/argmap.cpp
Examining data/libopendbx-1.4.6/utils/commands.hpp
Examining data/libopendbx-1.4.6/utils/completion.hpp
Examining data/libopendbx-1.4.6/utils/commands.cpp
FINAL RESULTS:
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:186:14: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if( ( len = snprintf( server, 384, connstr, conn->host, conn->port, database ) ) > 384 )
data/libopendbx-1.4.6/lib/odbxlib.c:132:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = plen = snprintf( lib, ODBX_PATHSIZE, LIBPATH );
data/libopendbx-1.4.6/lib/odbxlib.c:134:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBPREFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:137:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBSUFFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:148:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, dgettext( "opendbx", gettext_noop( "Loading backend library %s, %s or %s failed" ) ), backend, lib + plen + 1, lib );
data/libopendbx-1.4.6/lib/odbxlib.c:219:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = plen = snprintf( lib, ODBX_PATHSIZE, PACKAGE );
data/libopendbx-1.4.6/lib/odbxlib.c:221:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBPREFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:224:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBSUFFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:235:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, dgettext( "opendbx", gettext_noop( "Loading backend library %s, %s or %s failed\n" ) ), backend, lib + plen + 1, lib );
data/libopendbx-1.4.6/lib/odbxlib.c:194:34: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
if( ( handle->backend = (void*) LoadLibrary( library ) ) != NULL )
data/libopendbx-1.4.6/test/odbx-regression.c:62:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while( ( param = getopt( argc, argv, "b:h:p:d:u:w:e:r:v" ) ) != -1 )
data/libopendbx-1.4.6/test/odbxplus-regression.cpp:72:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while( ( param = getopt( argc, argv, "b:h:p:d:u:w:e:r:v" ) ) != -1 )
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:95:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fbc->path, host, fbc->srvlen );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char param[512];
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:152:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( param + len + 2, who, len2 );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:167:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( param + len + 2, cred, len2 );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:181:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fbc->path + fbc->srvlen, database, len2 + 1 );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:587:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64] = { 0 };
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16] = { 0 };
data/libopendbx-1.4.6/backends/firebird/firebirdbackend.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[FIREBIRD_ERRLEN];
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:101:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( tc->host, host, len );
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:134:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( tc->errmsg, dgettext( "opendbx", mssql_odbx_errmsg[0] ), strlen( dgettext( "opendbx", mssql_odbx_errmsg[0] ) ) + 1 );
data/libopendbx-1.4.6/backends/mssql/mssqlbackend.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[MSSQL_MSGLEN];
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( aux->host, host, hlen );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:332:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( aux->mode, value, strlen( value ) + 1 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:697:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( stmt, "SET SESSION sql_mode='", 22 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:698:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( stmt + 22, lmode, modelen );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:699:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( stmt + 22 + modelen, "'", 2 );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:79:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( gen->server, host, len );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sqlstate[6];
data/libopendbx-1.4.6/backends/odbc/odbcbackend.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ODBC_COLNAMELEN];
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[384];
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:694:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( conn->colname, name, len );
data/libopendbx-1.4.6/backends/oracle/oraclebackend.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[ORACLE_PORTLEN];
data/libopendbx-1.4.6/backends/oracle/oraclebackend.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ORACLE_COLNAMELEN];
data/libopendbx-1.4.6/backends/oracle/oraclebackend.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[OCI_ERROR_MAXMSG_SIZE];
data/libopendbx-1.4.6/backends/pgsql/pgsqlbackend.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[PGSQL_BUFLEN+1];
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:295:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( aux->stmt, query, length );
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:321:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( aux->stmt, query, length );
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:110:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( aux->host, host, aux->hostlen );
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:169:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:869:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dec, val[i].value, sizeof( CS_NUMERIC ) );
data/libopendbx-1.4.6/backends/sybase/sybasebackend.h:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[SYBASE_ERRLEN];
data/libopendbx-1.4.6/lib/odbx.c:485:141: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( result != NULL && result->handle != NULL && result->handle->ops != NULL && result->handle->ops->lo != NULL && result->handle->ops->lo->open != NULL )
data/libopendbx-1.4.6/lib/odbx.c:487:35: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return result->handle->ops->lo->open( result, lo, value );
data/libopendbx-1.4.6/lib/odbxdrv.h:100:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open) ( odbx_result_t* result, odbx_lo_t** lo, const char* value );
data/libopendbx-1.4.6/lib/odbxlib.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib[ODBX_PATHSIZE+1];
data/libopendbx-1.4.6/lib/odbxlib.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib[ODBX_PATHSIZE+1];
data/libopendbx-1.4.6/test/odbx-regression.c:197:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[256];
data/libopendbx-1.4.6/test/odbx-regression.c:198:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char escaped[128];
data/libopendbx-1.4.6/test/odbx-regression.c:393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/libopendbx-1.4.6/test/odbxplus-regression.cpp:322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:77:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fbc->srvlen = strlen( host );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:82:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( port );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:143:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen( who );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:158:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen( cred );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:176:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen( database );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:882:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
static const char* firebird_priv_decimal( char* buffer, int strlen, short scale )
data/libopendbx-1.4.6/backends/firebird/firebird_basic.h:72:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
static const char* firebird_priv_decimal( char* buffer, int strlen, short scale );
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:93:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( host ) + 1;
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:134:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy( tc->errmsg, dgettext( "opendbx", mssql_odbx_errmsg[0] ), strlen( dgettext( "opendbx", mssql_odbx_errmsg[0] ) ) + 1 );
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:280:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*tolen = strlen( to );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:97:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t hlen = strlen( host ) + 1;
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:331:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aux->mode = realloc( aux->mode, strlen( value ) + 1 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:332:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy( aux->mode, value, strlen( value ) + 1 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:686:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( mode ) == 0 ) { return ODBX_ERR_SUCCESS; }
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:688:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
modelen = strlen( mode );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:75:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( host ) + 1;
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:106:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( who != NULL ) { wlen = strlen( who ); }
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:107:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( cred != NULL ) { clen = strlen( cred ); }
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:109:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gen->err = SQLSetConnectAttr( gen->conn, SQL_ATTR_CURRENT_CATALOG, (SQLCHAR*) database, strlen( database ) );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:134:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gen->err = SQLConnect( gen->conn, (SQLCHAR*) gen->server, strlen( gen->server ), (SQLCHAR*) who, wlen, (SQLCHAR*) cred, clen );
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:140:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( host ) + 8;
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:201:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( conn->errcode = OCIAttrSet( conn->sess, OCI_HTYPE_SESSION, (dvoid*) who, strlen( who ), OCI_ATTR_USERNAME, conn->err ) ) != OCI_SUCCESS )
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:206:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( conn->errcode = OCIAttrSet( conn->sess, OCI_HTYPE_SESSION, (dvoid*) cred, strlen( cred ), OCI_ATTR_PASSWORD, conn->err ) ) != OCI_SUCCESS )
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:866:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( conn->errcode = OCIStmtPrepare( conn->stmt, conn->err, stmt, (ub4) strlen( (char*) stmt ), OCI_NTV_SYNTAX, OCI_DEFAULT ) ) != OCI_SUCCESS )
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:86:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aux->pathlen = strlen( host ); /* host == directory */
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:117:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t flen = strlen( database ) + 1;
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:478:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (unsigned long) strlen( ((char**) result->generic)[num] );
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:92:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aux->pathlen = strlen( host ); /* host == directory */
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:126:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t flen = strlen( database );
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:369:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( aux->length = strlen( aux->tail ) ) == 0 )
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:102:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aux->hostlen = strlen( host );
data/libopendbx-1.4.6/lib/odbx.c:325:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( length == 0 ) { length = (unsigned long) strlen( query ); }
data/libopendbx-1.4.6/lib/odbx.c:511:175: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if( lo != NULL && lo->result != NULL && lo->result->handle != NULL && lo->result->handle->ops != NULL && lo->result->handle->ops->lo != NULL && lo->result->handle->ops->lo->read != NULL )
data/libopendbx-1.4.6/lib/odbx.c:513:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return lo->result->handle->ops->lo->read( lo, buffer, buflen );
data/libopendbx-1.4.6/lib/odbx.cpp:124:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t Lob::read( void* buffer, size_t buflen ) throw( std::exception )
data/libopendbx-1.4.6/lib/odbx.cpp:126:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return m_impl->read( buffer, buflen );
data/libopendbx-1.4.6/lib/odbx.cpp:567:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( length == 0 ) { length = (unsigned long) strlen( sql ); }
data/libopendbx-1.4.6/lib/odbx_iface.hpp:32:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual ssize_t read( void* buffer, size_t buflen ) throw( std::exception ) = 0;
data/libopendbx-1.4.6/lib/odbx_impl.cpp:69:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t Lob_Impl::read( void* buffer, size_t buflen ) throw( std::exception )
data/libopendbx-1.4.6/lib/odbx_impl.hpp:45:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read( void* buffer, size_t buflen ) throw( std::exception );
data/libopendbx-1.4.6/lib/odbxdrv.h:102:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t (*read) ( odbx_lo_t* lo, void* buffer, size_t buflen );
data/libopendbx-1.4.6/test/odbx-regression.c:202:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( err = odbx_escape( handle[0], value, strlen( value ), escaped, &len ) ) != 0 )
data/libopendbx-1.4.6/test/odbxplus-regression.cpp:330:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while( ( bytes = lob.read( buffer, sizeof( buffer ) - 1 ) ) != 0 )
data/libopendbx-1.4.6/utils/odbx-sql.cpp:136:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( line );
data/libopendbx-1.4.6/utils/odbx-sql.cpp:147:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( line );
ANALYSIS SUMMARY:
Hits = 98
Lines analyzed = 14059 in approximately 0.39 seconds (36461 lines/second)
Physical Source Lines of Code (SLOC) = 8979
Hits@level = [0] 136 [1] 45 [2] 41 [3] 3 [4] 9 [5] 0
Hits@level+ = [0+] 234 [1+] 98 [2+] 53 [3+] 12 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 26.0608 [1+] 10.9144 [2+] 5.90266 [3+] 1.33645 [4+] 1.00234 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.