Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libpst-0.6.75/src/pst2dii.cpp
Examining data/libpst-0.6.75/src/lzfu.c
Examining data/libpst-0.6.75/src/getidblock.c
Examining data/libpst-0.6.75/src/nick2ldif.cpp
Examining data/libpst-0.6.75/src/msg.h
Examining data/libpst-0.6.75/src/debug.c
Examining data/libpst-0.6.75/src/pst2ldif.cpp
Examining data/libpst-0.6.75/src/readpst.c
Examining data/libpst-0.6.75/src/msg.cpp
Examining data/libpst-0.6.75/src/libpst.h
Examining data/libpst-0.6.75/src/vbuf.c
Examining data/libpst-0.6.75/src/libstrfunc.h
Examining data/libpst-0.6.75/src/common.h
Examining data/libpst-0.6.75/src/timeconv.h
Examining data/libpst-0.6.75/src/vbuf.h
Examining data/libpst-0.6.75/src/deltasearch.cpp
Examining data/libpst-0.6.75/src/XGetopt.h
Examining data/libpst-0.6.75/src/libstrfunc.c
Examining data/libpst-0.6.75/src/lzfu.h
Examining data/libpst-0.6.75/src/define.h
Examining data/libpst-0.6.75/src/lspst.c
Examining data/libpst-0.6.75/src/dumpblocks.c
Examining data/libpst-0.6.75/src/XGetopt.c
Examining data/libpst-0.6.75/src/timeconv.c
Examining data/libpst-0.6.75/src/libpst.c
Examining data/libpst-0.6.75/python/python-libpst.cpp
FINAL RESULTS:
data/libpst-0.6.75/src/debug.c:101:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(debug_fp, fmt, ap);
data/libpst-0.6.75/src/define.h:66:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/libpst-0.6.75/src/define.h:67:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libpst-0.6.75/src/define.h:67:24: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libpst-0.6.75/src/define.h:94:41: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define ctime_r(tp,tmp) (ctime(tp)?(strcpy((tmp),ctime((tp))),(tmp)):0)
data/libpst-0.6.75/src/define.h:98:45: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define ctime_r(tp,tmp) (ctime(tp)?(strcpy((tmp),ctime((tp))),(tmp)):0)
data/libpst-0.6.75/src/define.h:155:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf x; \
data/libpst-0.6.75/src/dumpblocks.c:59:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(outname, OUT_BUF, "%#"PRIx64, ptr->i_id);
data/libpst-0.6.75/src/nick2ldif.cpp:73:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(givenName, cn);
data/libpst-0.6.75/src/nick2ldif.cpp:74:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sn, cn);
data/libpst-0.6.75/src/pst2dii.cpp:185:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s/%s_attach%i", output_directory, f_name, attach_num);
data/libpst-0.6.75/src/pst2dii.cpp:192:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s/%s_%s", output_directory, f_name, attach_filename);
data/libpst-0.6.75/src/pst2dii.cpp:194:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s/%s_%s-%i", output_directory, f_name, attach_filename, x);
data/libpst-0.6.75/src/pst2dii.cpp:385:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(conversion.c_str());
data/libpst-0.6.75/src/readpst.c:436:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(acceptable_extensions, optarg);
data/libpst-0.6.75/src/readpst.c:650:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(item->file_as.str, temp);
data/libpst-0.6.75/src/readpst.c:771:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(dir, OUTPUT_KMAIL_DIR_TEMPLATE, fname);
data/libpst-0.6.75/src/readpst.c:787:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(index, KMAIL_INDEX, fname);
data/libpst-0.6.75/src/readpst.c:894:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(dir_name, dirsize, "%s" SEP_MAIL_FILE_TEMPLATE, dir, y, ""); // enough for 9 digits allocated above
data/libpst-0.6.75/src/readpst.c:959:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(f->name[t], SEP_MAIL_FILE_TEMPLATE, f->item_count, extension);
data/libpst-0.6.75/src/readpst.c:1087:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s-attach%i", f_name, attach_num);
data/libpst-0.6.75/src/readpst.c:1094:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s-%s", f_name, attach_filename);
data/libpst-0.6.75/src/readpst.c:1096:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s-%s-%i", f_name, attach_filename, x);
data/libpst-0.6.75/src/readpst.c:2041:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(f_output, fmt, pst_rfc2426_escape(ef->value, &result, &resultlen));
data/libpst-0.6.75/src/readpst.c:2143:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(byday, temp);
data/libpst-0.6.75/src/readpst.c:2207:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(f->dname, item->file_as.str);
data/libpst-0.6.75/src/readpst.c:2216:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(f->name[t], OUTPUT_TEMPLATE, item->file_as.str, item_type_to_name(t));
data/libpst-0.6.75/src/readpst.c:2248:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(f->name[t], OUTPUT_TEMPLATE, item->file_as.str, item_type_to_name(t));
data/libpst-0.6.75/src/readpst.c:2261:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s", f->name[t]);
data/libpst-0.6.75/src/readpst.c:2266:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s%08d", f->name[t], x);
data/libpst-0.6.75/src/XGetopt.c:139:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc, char* const* argv, char *optstring)
data/libpst-0.6.75/src/XGetopt.h:21:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc, char* const* argv, char *optstring);
data/libpst-0.6.75/src/dumpblocks.c:14:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "o:")) != -1) {
data/libpst-0.6.75/src/getidblock.c:93:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "bp")) != -1) {
data/libpst-0.6.75/src/lspst.c:221:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "d:f:lhV"))!= -1) {
data/libpst-0.6.75/src/nick2ldif.cpp:24:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "b:c:"))!= -1) {
data/libpst-0.6.75/src/pst2dii.cpp:646:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "B:b:c:d:f:o:O:Vh"))!= -1) {
data/libpst-0.6.75/src/pst2ldif.cpp:589:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "b:c:d:l:oVh"))!= -1) {
data/libpst-0.6.75/src/readpst.c:422:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned)now);
data/libpst-0.6.75/src/readpst.c:430:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "a:bC:c:Dd:emhj:kMo:qrSt:uVwL:8"))!= -1) {
data/libpst-0.6.75/python/python-libpst.cpp:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/libpst-0.6.75/python/python-libpst.cpp:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/libpst-0.6.75/python/python-libpst.cpp:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/libpst-0.6.75/python/python-libpst.cpp:166:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return ::fopen(filename.c_str(), mode.c_str());
data/libpst-0.6.75/src/debug.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char indent[MAX_DEPTH*4+1];
data/libpst-0.6.75/src/debug.c:52:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((debug_fp = fopen(fname, "wb")) == NULL) {
data/libpst-0.6.75/src/deltasearch.cpp:49:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(argv[1], O_RDONLY);
data/libpst-0.6.75/src/deltasearch.cpp:50:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int d = atoi(argv[2]);
data/libpst-0.6.75/src/dumpblocks.c:60:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(outname, "wb")) == NULL) {
data/libpst-0.6.75/src/libpst.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base64_extra_chars[2]; // up to two pending unencoded bytes
data/libpst-0.6.75/src/libpst.c:330:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pf->fp = fopen(name, "rb")) == NULL) {
data/libpst-0.6.75/src/libpst.c:782:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wt, &(headerbuffer[xattrib.extended+sizeof(tint)]), (size_t)tint);
data/libpst-0.6.75/src/libpst.c:863:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(desc, buf, sizeof(pst_desc));
data/libpst-0.6.75/src/libpst.c:875:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&d32, buf, sizeof(pst_desc32));
data/libpst-0.6.75/src/libpst.c:897:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(table, buf, sizeof(struct pst_table_ptr_struct));
data/libpst-0.6.75/src/libpst.c:907:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&t32, buf, sizeof(struct pst_table_ptr_struct32));
data/libpst-0.6.75/src/libpst.c:926:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(index, buf, sizeof(pst_index));
data/libpst-0.6.75/src/libpst.c:938:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&index64, buf, sizeof(pst_index64));
data/libpst-0.6.75/src/libpst.c:955:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&index32, buf, sizeof(pst_index32));
data/libpst-0.6.75/src/libpst.c:978:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(assoc, buf, sizeof(pst_id2_assoc));
data/libpst-0.6.75/src/libpst.c:987:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&assoc32, buf, sizeof(pst_id2_assoc32));
data/libpst-0.6.75/src/libpst.c:1007:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(table3_rec, buf, sizeof(pst_table3_rec));
data/libpst-0.6.75/src/libpst.c:1014:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&table3_rec32, buf, sizeof(pst_table3_rec32));
data/libpst-0.6.75/src/libpst.c:1722:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&table_rec.value, ind2_ptr + table2_rec.ind2_off, n);
data/libpst-0.6.75/src/libpst.c:1799:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mo_ptr->elements[x]->data, &(table_rec.value), sizeof(int32_t));
data/libpst-0.6.75/src/libpst.c:1824:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mo_ptr->elements[x]->data, value_pointer, value_size);
data/libpst-0.6.75/src/libpst.c:1846:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mo_ptr->elements[x]->data, block_offset7.from, value_size);
data/libpst-0.6.75/src/libpst.c:1882:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mo_ptr->elements[x]->data, utf8buf->b, utf8buf->dlen);
data/libpst-0.6.75/src/libpst.c:1924:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targ, list->elements[x]->data, list->elements[x]->size);\
data/libpst-0.6.75/src/libpst.c:1976:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(targ), list->elements[x]->data, sizeof(targ)); \
data/libpst-0.6.75/src/libpst.c:1990:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(targ), list->elements[x]->data, sizeof(targ)); \
data/libpst-0.6.75/src/libpst.c:2109:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targ, list->elements[x]->data, sizeof(FILETIME)); \
data/libpst-0.6.75/src/libpst.c:2141:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targ.data, list->elements[x]->data, targ.size); \
data/libpst-0.6.75/src/libpst.c:2190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buffer[30];
data/libpst-0.6.75/src/libpst.c:2211:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ef->value, list->elements[x]->data + offset, string_length);
data/libpst-0.6.75/src/libpst.c:3658:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(p->from), &(buf[(i_offset+2)+of1]), sizeof(p->from));
data/libpst-0.6.75/src/libpst.c:3659:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(p->to), &(buf[(i_offset+2)+of1+sizeof(p->from)]), sizeof(p->to));
data/libpst-0.6.75/src/libpst.c:4163:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(h->buf)+size, *buf, z);
data/libpst-0.6.75/src/libpst.c:4172:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, h->base64_extra_chars, h->base64_extra);
data/libpst-0.6.75/src/libpst.c:4180:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h->base64_extra_chars, *buf+z, h->base64_extra);
data/libpst-0.6.75/src/libpst.c:4473:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "utf-8''");
data/libpst-0.6.75/src/libpst.c:4548:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/libpst-0.6.75/src/libpst.h:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entryid[16];
data/libpst-0.6.75/src/lspst.c:103:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buffer[MAXDATEFMTLEN];
data/libpst-0.6.75/src/lspst.c:146:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buffer[30];
data/libpst-0.6.75/src/lzfu.c:39:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dict[4096]; // the dictionary buffer
data/libpst-0.6.75/src/lzfu.c:51:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dict, LZFU_INITDICT, LZFU_INITLENGTH);
data/libpst-0.6.75/src/lzfu.c:80:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&blkhdr, rtfcomp+in_ptr, 2);
data/libpst-0.6.75/src/msg.cpp:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[bsize];
data/libpst-0.6.75/src/msg.cpp:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charset[30];
data/libpst-0.6.75/src/msg.cpp:369:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("temp_file_attachment", "w+b");
data/libpst-0.6.75/src/nick2ldif.cpp:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_SIZE];
data/libpst-0.6.75/src/nick2ldif.cpp:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cn[1000], givenName[1000], sn[1000];
data/libpst-0.6.75/src/pst2dii.cpp:195:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} while ((fp = fopen(temp, "r")) && ++x < 99999999);
data/libpst-0.6.75/src/pst2dii.cpp:201:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(temp, "wb"))) {
data/libpst-0.6.75/src/pst2dii.cpp:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xline[len+1];
data/libpst-0.6.75/src/pst2dii.cpp:229:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xline, line, len);
data/libpst-0.6.75/src/pst2dii.cpp:264:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blanks[5];
data/libpst-0.6.75/src/pst2dii.cpp:325:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:350:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *pngout = fopen(fn, "wb");
data/libpst-0.6.75/src/pst2dii.cpp:423:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[len];
data/libpst-0.6.75/src/pst2dii.cpp:460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char folder_line[LINE_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:483:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_time[C_TIME_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:491:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_time[C_TIME_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:543:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_time[C_TIME_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:562:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ln[LINE_SIZE];
data/libpst-0.6.75/src/pst2dii.cpp:652:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bates_index = atoi(optarg);
data/libpst-0.6.75/src/pst2dii.cpp:721:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dii_file = fopen(output_file, "wb");
data/libpst-0.6.75/src/pst2ldif.cpp:126:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cn[1000];
data/libpst-0.6.75/src/pst2ldif.cpp:522:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value[0], value1.str, len1);
data/libpst-0.6.75/src/pst2ldif.cpp:524:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value[0] + len1 + 1, value2.str, len2 + 1);
data/libpst-0.6.75/src/readpst.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[PST_TYPE_MAX];
data/libpst-0.6.75/src/readpst.c:482:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_children = atoi(optarg);
data/libpst-0.6.75/src/readpst.c:502:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pst_debug_setlevel(atoi(optarg));
data/libpst-0.6.75/src/readpst.c:886:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_name[dirsize];
data/libpst-0.6.75/src/readpst.c:962:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f->output[t] = fopen(f->name[t], "w"))) {
data/libpst-0.6.75/src/readpst.c:1097:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} while ((fp = fopen(temp, "r")) && ++x < 99999999);
data/libpst-0.6.75/src/readpst.c:1103:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(temp, "w"))) {
data/libpst-0.6.75/src/readpst.c:1291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search[60];
data/libpst-0.6.75/src/readpst.c:1519:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[30];
data/libpst-0.6.75/src/readpst.c:1540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char boundary[60];
data/libpst-0.6.75/src/readpst.c:1541:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char altboundary[66];
data/libpst-0.6.75/src/readpst.c:1543:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char body_charset[30];
data/libpst-0.6.75/src/readpst.c:1544:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_charset[30];
data/libpst-0.6.75/src/readpst.c:1545:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char body_report[60];
data/libpst-0.6.75/src/readpst.c:1546:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sender[60];
data/libpst-0.6.75/src/readpst.c:1725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_time[C_TIME_SIZE];
data/libpst-0.6.75/src/readpst.c:1871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buffer[30];
data/libpst-0.6.75/src/readpst.c:2057:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buffer[30];
data/libpst-0.6.75/src/readpst.c:2085:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buffer[30];
data/libpst-0.6.75/src/readpst.c:2134:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byday[40];
data/libpst-0.6.75/src/readpst.c:2141:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[40];
data/libpst-0.6.75/src/readpst.c:2228:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *type_file = fopen(".type", "w");
data/libpst-0.6.75/src/readpst.c:2263:44: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ((f->output[t] = fopen(temp, "r"))) {
data/libpst-0.6.75/src/readpst.c:2281:38: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f->output[t] = fopen(f->name[t], "w"))) {
data/libpst-0.6.75/src/readpst.c:2326:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *type_file = fopen(".size", "w");
data/libpst-0.6.75/src/vbuf.c:162:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nb, vb->b, vb->dlen);
data/libpst-0.6.75/src/vbuf.c:169:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vb->buf, vb->b, vb->dlen);
data/libpst-0.6.75/src/vbuf.c:183:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vb->b, b, len);
data/libpst-0.6.75/src/vbuf.c:197:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vb->b + vb->dlen, b, len);
data/libpst-0.6.75/src/deltasearch.cpp:58:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t s = read(fd, &buf[0], size);
data/libpst-0.6.75/src/libpst.c:642:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)pst_fwrite(c, (size_t)1, strlen(c), fp);
data/libpst-0.6.75/src/libpst.c:4186:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DEBUG_INFO(("writing %i bytes to file as base64 [%i]. Currently %i\n", z, strlen(t), size));
data/libpst-0.6.75/src/libpst.c:4187:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)pst_fwrite(t, (size_t)1, strlen(t), h->fp);
data/libpst-0.6.75/src/libpst.c:4218:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)pst_fwrite(t, (size_t)1, strlen(t), h->fp);
data/libpst-0.6.75/src/libpst.c:4311:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = strlen(str) + y - z + 1; // don't forget room for the NUL
data/libpst-0.6.75/src/libpst.c:4471:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(str->str) + 2*needs + 15;
data/libpst-0.6.75/src/libpst.c:4477:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z += strlen(buffer); // skip the utf8 prefix
data/libpst-0.6.75/src/libpst.c:4513:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *enc = pst_base64_encode_single(str->str, strlen(str->str));
data/libpst-0.6.75/src/libpst.c:4515:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(enc) + 20;
data/libpst-0.6.75/src/libpst.c:4521:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(str->str) + 10;
data/libpst-0.6.75/src/libpst.c:4567:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t rc = pst_vb_8bit2utf8(newer, str->str, strlen(str->str) + 1, charset);
data/libpst-0.6.75/src/msg.cpp:42:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t strsize = strlen(str.str);
data/libpst-0.6.75/src/msg.cpp:130:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string_property(out, prop, tag, contents.str, strlen(contents.str));
data/libpst-0.6.75/src/msg.cpp:139:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string_property(out, prop, tag, contents.str, strlen(contents.str)+1);
data/libpst-0.6.75/src/msg.cpp:395:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string_property(out, prop_list, 0x3704001E, n, strlen(n));
data/libpst-0.6.75/src/nick2ldif.cpp:47:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(line);
data/libpst-0.6.75/src/nick2ldif.cpp:68:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(givenName, ff+1, sizeof(givenName)-1);
data/libpst-0.6.75/src/nick2ldif.cpp:70:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sn, f, sizeof(sn)-1);
data/libpst-0.6.75/src/pst2dii.cpp:136:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(headers, bad, strlen(bad)) == 0) {
data/libpst-0.6.75/src/pst2dii.cpp:181:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(output_directory) + 1 + strlen(f_name) + 15;
data/libpst-0.6.75/src/pst2dii.cpp:181:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(output_directory) + 1 + strlen(f_name) + 15;
data/libpst-0.6.75/src/pst2dii.cpp:188:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = (char*)pst_malloc(len+strlen(attach_filename));
data/libpst-0.6.75/src/pst2dii.cpp:270:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(line);
data/libpst-0.6.75/src/pst2dii.cpp:300:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pst_fwrite(line, 1, strlen(line), dii_file);
data/libpst-0.6.75/src/pst2dii.cpp:372:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(output_directory) + 4 + 6 + 4 + 1;
data/libpst-0.6.75/src/pst2dii.cpp:422:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(field) + 4;
data/libpst-0.6.75/src/pst2dii.cpp:427:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(f);
data/libpst-0.6.75/src/pst2dii.cpp:513:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(soh);
data/libpst-0.6.75/src/pst2ldif.cpp:102:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vector<char> n(strlen(name)+10);
data/libpst-0.6.75/src/pst2ldif.cpp:375:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value) + 1;
data/libpst-0.6.75/src/pst2ldif.cpp:508:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(value1.str);
data/libpst-0.6.75/src/pst2ldif.cpp:515:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(value2.str);
data/libpst-0.6.75/src/pst2ldif.cpp:654:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (old_schema && (strlen(ldap_base) > 2)) {
data/libpst-0.6.75/src/readpst.c:434:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(optarg);
data/libpst-0.6.75/src/readpst.c:649:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
item->file_as.str = (char*)pst_malloc(strlen(temp)+1);
data/libpst-0.6.75/src/readpst.c:697:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pst_fwrite(body, strlen(body), 1, f);
data/libpst-0.6.75/src/readpst.c:770:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir = pst_malloc(strlen(fname)+strlen(OUTPUT_KMAIL_DIR_TEMPLATE)+1);
data/libpst-0.6.75/src/readpst.c:770:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir = pst_malloc(strlen(fname)+strlen(OUTPUT_KMAIL_DIR_TEMPLATE)+1);
data/libpst-0.6.75/src/readpst.c:786:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
index = pst_malloc(strlen(fname)+strlen(KMAIL_INDEX)+1);
data/libpst-0.6.75/src/readpst.c:786:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
index = pst_malloc(strlen(fname)+strlen(KMAIL_INDEX)+1);
data/libpst-0.6.75/src/readpst.c:885:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dirsize = strlen(dir) + 10;
data/libpst-0.6.75/src/readpst.c:1052:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a += strlen(a) + 1;
data/libpst-0.6.75/src/readpst.c:1086:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = pst_malloc(strlen(f_name)+15);
data/libpst-0.6.75/src/readpst.c:1090:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = pst_malloc(strlen(f_name)+strlen(attach_filename)+15);
data/libpst-0.6.75/src/readpst.c:1090:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = pst_malloc(strlen(f_name)+strlen(attach_filename)+15);
data/libpst-0.6.75/src/readpst.c:1237:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(field);
data/libpst-0.6.75/src/readpst.c:1267:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(header) > 2) {
data/libpst-0.6.75/src/readpst.c:1279:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (my_stristr(header, field) || (strncasecmp(header, field+1, strlen(field)-1) == 0)) {
data/libpst-0.6.75/src/readpst.c:1298:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(search); // skip over subfield=
data/libpst-0.6.75/src/readpst.c:1321:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!t && (strncasecmp(header, field+1, strlen(field)-1) == 0)) t = header;
data/libpst-0.6.75/src/readpst.c:1368:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DEBUG_HEXDUMPC(body, strlen(body), 0x10);
data/libpst-0.6.75/src/readpst.c:1398:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DEBUG_HEXDUMPC(html, strlen(html), 0x10);
data/libpst-0.6.75/src/readpst.c:1446:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t body_len = strlen(body->str);
data/libpst-0.6.75/src/readpst.c:1562:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(body_charset, pst_default_charset(item, sizeof(buffer_charset), buffer_charset), sizeof(body_charset));
data/libpst-0.6.75/src/readpst.c:1564:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(body_report, "delivery-status", sizeof(body_report));
data/libpst-0.6.75/src/readpst.c:1576:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sender, temp, sizeof(sender));
data/libpst-0.6.75/src/readpst.c:1584:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_time[strlen(c_time)-1] = '\0'; //remove end \n
data/libpst-0.6.75/src/readpst.c:1669:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(headers);
data/libpst-0.6.75/src/readpst.c:1742:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (strlen(item->email->sender_address.str) > 0)) {
data/libpst-0.6.75/src/readpst.c:2206:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->dname = (char*) pst_malloc(strlen(item->file_as.str)+1);
data/libpst-0.6.75/src/readpst.c:2215:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->name[t] = (char*) pst_malloc(strlen(item->file_as.str)+strlen(OUTPUT_TEMPLATE)+30);
data/libpst-0.6.75/src/readpst.c:2215:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->name[t] = (char*) pst_malloc(strlen(item->file_as.str)+strlen(OUTPUT_TEMPLATE)+30);
data/libpst-0.6.75/src/readpst.c:2247:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->name[t] = (char*) pst_malloc(strlen(item->file_as.str)+strlen(OUTPUT_TEMPLATE)+30);
data/libpst-0.6.75/src/readpst.c:2247:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->name[t] = (char*) pst_malloc(strlen(item->file_as.str)+strlen(OUTPUT_TEMPLATE)+30);
data/libpst-0.6.75/src/readpst.c:2259:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *temp = (char*) pst_malloc (strlen(f->name[t])+10); //enough room for 10 digits
ANALYSIS SUMMARY:
Hits = 207
Lines analyzed = 12715 in approximately 0.44 seconds (28926 lines/second)
Physical Source Lines of Code (SLOC) = 9906
Hits@level = [0] 378 [1] 66 [2] 101 [3] 10 [4] 30 [5] 0
Hits@level+ = [0+] 585 [1+] 207 [2+] 141 [3+] 40 [4+] 30 [5+] 0
Hits/KSLOC@level+ = [0+] 59.0551 [1+] 20.8964 [2+] 14.2338 [3+] 4.03796 [4+] 3.02847 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.