Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libopendbx-1.4.6/test/odbx-regression.c
Examining data/libopendbx-1.4.6/test/odbx-regression.h
Examining data/libopendbx-1.4.6/test/odbxplus-regression.cpp
Examining data/libopendbx-1.4.6/lib/odbxlib.h
Examining data/libopendbx-1.4.6/lib/odbx_impl.hpp
Examining data/libopendbx-1.4.6/lib/odbx.cpp
Examining data/libopendbx-1.4.6/lib/odbxdrv.h
Examining data/libopendbx-1.4.6/lib/odbx.h
Examining data/libopendbx-1.4.6/lib/odbx_iface.hpp
Examining data/libopendbx-1.4.6/lib/odbx_impl.cpp
Examining data/libopendbx-1.4.6/lib/odbx.c
Examining data/libopendbx-1.4.6/lib/odbxlib.c
Examining data/libopendbx-1.4.6/lib/opendbx/api.h
Examining data/libopendbx-1.4.6/backends/sqlite/sqlitebackend.h
Examining data/libopendbx-1.4.6/backends/sqlite/sqlitebackend.c
Examining data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.h
Examining data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c
Examining data/libopendbx-1.4.6/backends/firebird/firebirdbackend.c
Examining data/libopendbx-1.4.6/backends/firebird/firebird_basic.c
Examining data/libopendbx-1.4.6/backends/firebird/firebird_lo.h
Examining data/libopendbx-1.4.6/backends/firebird/firebird_lo.c
Examining data/libopendbx-1.4.6/backends/firebird/firebirdbackend.h
Examining data/libopendbx-1.4.6/backends/firebird/firebird_basic.h
Examining data/libopendbx-1.4.6/backends/mssql/mssqlbackend.h
Examining data/libopendbx-1.4.6/backends/mssql/mssql_basic.c
Examining data/libopendbx-1.4.6/backends/mssql/mssql_basic.h
Examining data/libopendbx-1.4.6/backends/mssql/mssqlbackend.c
Examining data/libopendbx-1.4.6/backends/pgsql/pgsqlbackend.c
Examining data/libopendbx-1.4.6/backends/pgsql/pgsql_basic.c
Examining data/libopendbx-1.4.6/backends/pgsql/pgsqlbackend.h
Examining data/libopendbx-1.4.6/backends/pgsql/pgsql_basic.h
Examining data/libopendbx-1.4.6/backends/oracle/oraclebackend.c
Examining data/libopendbx-1.4.6/backends/oracle/oracle_lo.c
Examining data/libopendbx-1.4.6/backends/oracle/oracle_basic.h
Examining data/libopendbx-1.4.6/backends/oracle/oracle_basic.c
Examining data/libopendbx-1.4.6/backends/oracle/oracle_lo.h
Examining data/libopendbx-1.4.6/backends/oracle/oraclebackend.h
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3backend.c
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.h
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3backend.h
Examining data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c
Examining data/libopendbx-1.4.6/backends/sybase/sybase_basic.c
Examining data/libopendbx-1.4.6/backends/sybase/sybase_basic.h
Examining data/libopendbx-1.4.6/backends/sybase/sybasebackend.h
Examining data/libopendbx-1.4.6/backends/sybase/sybasebackend.c
Examining data/libopendbx-1.4.6/backends/odbc/odbcbackend.c
Examining data/libopendbx-1.4.6/backends/odbc/odbcbackend.h
Examining data/libopendbx-1.4.6/backends/odbc/odbc_basic.c
Examining data/libopendbx-1.4.6/backends/odbc/odbc_basic.h
Examining data/libopendbx-1.4.6/backends/mysql/mysqlbackend.h
Examining data/libopendbx-1.4.6/backends/mysql/mysqlbackend.c
Examining data/libopendbx-1.4.6/backends/mysql/mysql_basic.h
Examining data/libopendbx-1.4.6/backends/mysql/mysql_basic.c
Examining data/libopendbx-1.4.6/utils/completion.cpp
Examining data/libopendbx-1.4.6/utils/odbx-sql.hpp
Examining data/libopendbx-1.4.6/utils/argmap.hpp
Examining data/libopendbx-1.4.6/utils/odbx-sql.cpp
Examining data/libopendbx-1.4.6/utils/argmap.cpp
Examining data/libopendbx-1.4.6/utils/commands.hpp
Examining data/libopendbx-1.4.6/utils/completion.hpp
Examining data/libopendbx-1.4.6/utils/commands.cpp

FINAL RESULTS:

data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:186:14:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if( ( len = snprintf( server, 384, connstr, conn->host, conn->port, database ) ) > 384 )
data/libopendbx-1.4.6/lib/odbxlib.c:132:15:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len = plen = snprintf( lib, ODBX_PATHSIZE, LIBPATH );
data/libopendbx-1.4.6/lib/odbxlib.c:134:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBPREFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:137:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBSUFFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:148:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( stderr, dgettext( "opendbx", gettext_noop( "Loading backend library %s, %s or %s failed" ) ), backend, lib + plen + 1, lib );
data/libopendbx-1.4.6/lib/odbxlib.c:219:15:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len = plen = snprintf( lib, ODBX_PATHSIZE, PACKAGE );
data/libopendbx-1.4.6/lib/odbxlib.c:221:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBPREFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:224:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len += snprintf( lib + len, ODBX_PATHSIZE - len, LIBSUFFIX );
data/libopendbx-1.4.6/lib/odbxlib.c:235:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( stderr, dgettext( "opendbx", gettext_noop( "Loading backend library %s, %s or %s failed\n" ) ), backend, lib + plen + 1, lib );
data/libopendbx-1.4.6/lib/odbxlib.c:194:34:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
  if( ( handle->backend = (void*) LoadLibrary( library ) ) != NULL )
data/libopendbx-1.4.6/test/odbx-regression.c:62:19:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while( ( param = getopt( argc, argv, "b:h:p:d:u:w:e:r:v" ) ) != -1 )
data/libopendbx-1.4.6/test/odbxplus-regression.cpp:72:19:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while( ( param = getopt( argc, argv, "b:h:p:d:u:w:e:r:v" ) ) != -1 )
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:95:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( fbc->path, host, fbc->srvlen );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:133:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char param[512];
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:152:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( param + len + 2, who, len2 );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:167:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( param + len + 2, cred, len2 );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:181:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( fbc->path + fbc->srvlen, database, len2 + 1 );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:291:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[512];
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:587:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64] = { 0 };
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:759:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[16] = { 0 };
data/libopendbx-1.4.6/backends/firebird/firebirdbackend.h:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errmsg[FIREBIRD_ERRLEN];
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:101:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( tc->host, host, len );
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:134:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( tc->errmsg, dgettext( "opendbx", mssql_odbx_errmsg[0] ), strlen( dgettext( "opendbx", mssql_odbx_errmsg[0] ) ) + 1 );
data/libopendbx-1.4.6/backends/mssql/mssqlbackend.h:46:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errmsg[MSSQL_MSGLEN];
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:110:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( aux->host, host, hlen );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:332:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( aux->mode, value, strlen( value ) + 1 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:697:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( stmt, "SET SESSION sql_mode='", 22 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:698:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( stmt + 22, lmode, modelen );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:699:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( stmt + 22 + modelen, "'", 2 );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:79:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( gen->server, host, len );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:301:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sqlstate[6];
data/libopendbx-1.4.6/backends/odbc/odbcbackend.h:70:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colname[ODBC_COLNAMELEN];
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:184:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server[384];
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:694:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( conn->colname, name, len );
data/libopendbx-1.4.6/backends/oracle/oraclebackend.h:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char port[ORACLE_PORTLEN];
data/libopendbx-1.4.6/backends/oracle/oraclebackend.h:53:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colname[ORACLE_COLNAMELEN];
data/libopendbx-1.4.6/backends/oracle/oraclebackend.h:54:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errmsg[OCI_ERROR_MAXMSG_SIZE];
data/libopendbx-1.4.6/backends/pgsql/pgsqlbackend.h:70:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[PGSQL_BUFLEN+1];
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:295:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( aux->stmt, query, length );
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:321:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( aux->stmt, query, length );
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:110:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( aux->host, host, aux->hostlen );
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:169:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64];
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:869:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &dec, val[i].value, sizeof( CS_NUMERIC ) );
data/libopendbx-1.4.6/backends/sybase/sybasebackend.h:49:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errmsg[SYBASE_ERRLEN];
data/libopendbx-1.4.6/lib/odbx.c:485:141:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( result != NULL && result->handle != NULL && result->handle->ops != NULL && result->handle->ops->lo != NULL && result->handle->ops->lo->open != NULL )
data/libopendbx-1.4.6/lib/odbx.c:487:35:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return result->handle->ops->lo->open( result, lo, value );
data/libopendbx-1.4.6/lib/odbxdrv.h:100:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int (*open) ( odbx_result_t* result, odbx_lo_t** lo, const char* value );
data/libopendbx-1.4.6/lib/odbxlib.c:128:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lib[ODBX_PATHSIZE+1];
data/libopendbx-1.4.6/lib/odbxlib.c:213:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lib[ODBX_PATHSIZE+1];
data/libopendbx-1.4.6/test/odbx-regression.c:197:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[256];
data/libopendbx-1.4.6/test/odbx-regression.c:198:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char escaped[128];
data/libopendbx-1.4.6/test/odbx-regression.c:393:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64];
data/libopendbx-1.4.6/test/odbxplus-regression.cpp:322:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64];
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:77:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fbc->srvlen = strlen( host );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:82:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( port );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:143:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len2 = strlen( who );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:158:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len2 = strlen( cred );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:176:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len2 = strlen( database );
data/libopendbx-1.4.6/backends/firebird/firebird_basic.c:882:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  static const char* firebird_priv_decimal( char* buffer, int strlen, short scale )
data/libopendbx-1.4.6/backends/firebird/firebird_basic.h:72:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  static const char* firebird_priv_decimal( char* buffer, int strlen, short scale );
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:93:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( host ) + 1;
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:134:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy( tc->errmsg, dgettext( "opendbx", mssql_odbx_errmsg[0] ), strlen( dgettext( "opendbx", mssql_odbx_errmsg[0] ) ) + 1 );
data/libopendbx-1.4.6/backends/mssql/mssql_basic.c:280:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *tolen = strlen( to );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:97:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t hlen = strlen( host ) + 1;
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:331:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  aux->mode = realloc( aux->mode, strlen( value ) + 1 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:332:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy( aux->mode, value, strlen( value ) + 1 );
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:686:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( mode ) == 0 ) { return ODBX_ERR_SUCCESS; }
data/libopendbx-1.4.6/backends/mysql/mysql_basic.c:688:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  modelen = strlen( mode );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:75:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen( host ) + 1;
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:106:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( who != NULL ) { wlen = strlen( who ); }
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:107:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( cred != NULL ) { clen = strlen( cred ); }
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:109:90:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gen->err = SQLSetConnectAttr( gen->conn, SQL_ATTR_CURRENT_CATALOG, (SQLCHAR*) database, strlen( database ) );
data/libopendbx-1.4.6/backends/odbc/odbc_basic.c:134:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gen->err = SQLConnect( gen->conn, (SQLCHAR*) gen->server, strlen( gen->server ), (SQLCHAR*) who, wlen, (SQLCHAR*) cred, clen );
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:140:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen( host ) + 8;
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:201:81:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( conn->errcode = OCIAttrSet( conn->sess, OCI_HTYPE_SESSION, (dvoid*) who, strlen( who ), OCI_ATTR_USERNAME, conn->err ) ) != OCI_SUCCESS )
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:206:82:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( conn->errcode = OCIAttrSet( conn->sess, OCI_HTYPE_SESSION, (dvoid*) cred, strlen( cred ), OCI_ATTR_PASSWORD, conn->err ) ) != OCI_SUCCESS )
data/libopendbx-1.4.6/backends/oracle/oracle_basic.c:866:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( conn->errcode = OCIStmtPrepare( conn->stmt, conn->err, stmt, (ub4) strlen( (char*) stmt ), OCI_NTV_SYNTAX, OCI_DEFAULT ) ) != OCI_SUCCESS )
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:86:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  aux->pathlen = strlen( host ); /* host == directory */
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:117:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t flen = strlen( database ) + 1;
data/libopendbx-1.4.6/backends/sqlite/sqlite_basic.c:478:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (unsigned long) strlen( ((char**) result->generic)[num] );
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:92:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  aux->pathlen = strlen( host ); /* host == directory */
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:126:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t flen = strlen( database );
data/libopendbx-1.4.6/backends/sqlite3/sqlite3_basic.c:369:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( aux->length = strlen( aux->tail ) ) == 0 )
data/libopendbx-1.4.6/backends/sybase/sybase_basic.c:102:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  aux->hostlen = strlen( host );
data/libopendbx-1.4.6/lib/odbx.c:325:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( length == 0 ) { length = (unsigned long) strlen( query ); }
data/libopendbx-1.4.6/lib/odbx.c:511:175:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if( lo != NULL && lo->result != NULL && lo->result->handle != NULL && lo->result->handle->ops != NULL && lo->result->handle->ops->lo != NULL && lo->result->handle->ops->lo->read != NULL )
data/libopendbx-1.4.6/lib/odbx.c:513:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return lo->result->handle->ops->lo->read( lo, buffer, buflen );
data/libopendbx-1.4.6/lib/odbx.cpp:124:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t Lob::read( void* buffer, size_t buflen ) throw( std::exception )
data/libopendbx-1.4.6/lib/odbx.cpp:126:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return m_impl->read( buffer, buflen );
data/libopendbx-1.4.6/lib/odbx.cpp:567:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( length == 0 ) { length = (unsigned long) strlen( sql ); }
data/libopendbx-1.4.6/lib/odbx_iface.hpp:32:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual ssize_t read( void* buffer, size_t buflen ) throw( std::exception ) = 0;
data/libopendbx-1.4.6/lib/odbx_impl.cpp:69:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t Lob_Impl::read( void* buffer, size_t buflen ) throw( std::exception )
data/libopendbx-1.4.6/lib/odbx_impl.hpp:45:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t read( void* buffer, size_t buflen ) throw( std::exception );
data/libopendbx-1.4.6/lib/odbxdrv.h:102:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t (*read) ( odbx_lo_t* lo, void* buffer, size_t buflen );
data/libopendbx-1.4.6/test/odbx-regression.c:202:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( err = odbx_escape( handle[0], value, strlen( value ), escaped, &len ) ) != 0 )
data/libopendbx-1.4.6/test/odbxplus-regression.cpp:330:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while( ( bytes = lob.read( buffer, sizeof( buffer ) - 1 ) ) != 0 )
data/libopendbx-1.4.6/utils/odbx-sql.cpp:136:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( line );
data/libopendbx-1.4.6/utils/odbx-sql.cpp:147:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( line );

ANALYSIS SUMMARY:

Hits = 98
Lines analyzed = 14059 in approximately 0.39 seconds (36461 lines/second)
Physical Source Lines of Code (SLOC) = 8979
Hits@level = [0] 136 [1] 45 [2] 41 [3] 3 [4] 9 [5] 0
Hits@level+ = [0+] 234 [1+] 98 [2+] 53 [3+] 12 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 26.0608 [1+] 10.9144 [2+] 5.90266 [3+] 1.33645 [4+] 1.00234 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.