Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/DLL_interface.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/DLL_interface.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/dbapi.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/dbapi.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/dbapi_include.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapiagent.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapiagent.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/plugindb.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/plugindb_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/sync_dbapiconnect.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/sync_dbapiconnect.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcdb.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcdb_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/SDK/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/SDK/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_DEMO_linux/clientengine_demo_x86_linux_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_DEMO_linux/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_DEMO_linux/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_autotools/systemxml/xmlparse.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_ios/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_ios/prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_ios/syncml_tk_prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_ios/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_linux/clientengine_demo_x86_linux_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_linux/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/clientEngine_opensource_linux/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_ios/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_ios/prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_ios/syncml_tk_prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_ios/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_linux/combiengine_opensource_linux_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_linux/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/combiEngine_opensource_linux/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/serverEngine_opensource_linux/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/serverEngine_opensource_linux/serverengine_opensource_linux_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/serverEngine_opensource_linux/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/sysytool_linux/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/sysytool_linux/sysytool_linux_x86_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/ReleasedProducts/sysytool_linux/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/clientEngine_dbg/clientengine_dbg_x86_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/clientEngine_dbg/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/sysytool/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/sysytool/sysytool_linux_x86_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/sysytool/sysytool_x86_prefix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Targets/sysytool/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/engine_client.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/engine_client_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/engine_server.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/engine_server_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/engineclientbase.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/engineclientbase.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/enginesessiondispatch.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/Transport_interfaces/engine/enginesessiondispatch.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/ascii.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/asciitab.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/iasciitab.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/latin1tab.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/nametab.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/utf8tab.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmldef.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmlrole.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmlrole.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_ns.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/global_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/config.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/dftables.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_chartables.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_config.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_config_android.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_config_macosx.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_config_win32.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_dfa_exec.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_exec.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_fullinfo.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_get.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_globals.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_info.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_internal.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_maketables.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_newline.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_ord2utf8.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_refcount.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_scanner.cc
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_scanner.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_scanner_unittest.cc
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_setup.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_stringpiece.cc
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_stringpiece_unittest.cc
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_study.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_tables.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_try_flipped.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_ucp_searchfuncs.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_valid_utf8.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_version.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_xclass.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_internal.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcredemo.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/ucp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/ucpinternal.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/ucptable.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/configfiles.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/configfiles.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_DLL.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_headers.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_time.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_time.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_timezones.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/profiling.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_headers.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_time.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_time.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/profiling.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/platform_DLL.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/platform_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/platform_headers.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/platform_mutex.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/platform_thread.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/profiling.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/sysync_glob_vars.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/sysyncinit.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_mutex.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_pipe.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_pipe.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_thread.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/clientEngine_custom/clientengine_custom.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/clientEngine_custom/clientengine_custom_Base.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/clientEngine_custom/clientengine_custom_Base.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/clientEngine_custom/clientengine_custom_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/clientEngine_custom/product_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/serverEngine_custom/combi_product_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/serverEngine_custom/product_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/serverEngine_custom/serverengine_custom.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/serverEngine_custom/serverengine_custom_Base.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/serverEngine_custom/serverengine_custom_Base.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/serverEngine_custom/serverengine_custom_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/sysytool/sysytool.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/sysytool/sysytool.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/sysytool/sysytool_dispatch.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/sysytool/sysytool_dispatch.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/sysytool/sysytool_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/palm/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/sml.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/smldef.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/smldevinfdtd.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/smldtd.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/smlerr.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/smlmetinfdtd.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/inc/win/define.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/liblock.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libmem.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libstr.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/liblock.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/libmem.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/libstr.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/libutil.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/all/mgr.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/all/mgrcmdbuilder.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/all/mgrcmddispatcher.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/all/mgrinstancelist.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/all/mgrinstancemgr.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/all/mgrutil.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/inc/mgr.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/inc/mgrutil.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/mgr/win/libinit.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/all/wsm.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/inc/wsm.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/inc/wsm_sm.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/palm/wsm_sm.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/win/wsm_sm.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdec.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdeccom.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdecwbxml.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdecwbxml.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdecxml.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdevinf.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltenc.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltenccom.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltenccom.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltencwbxml.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltencwbxml.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltencxml.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltencxml.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltmetinf.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltmetinf.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xlttags.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xlttags.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xlttagtbl.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltutilstack.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltutilstack.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/inc/xltdec.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/inc/xltenc.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk_prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfilebase.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfilebase.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientprovisioning_inc.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientprovisioning_inc.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplagent.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplagent.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplds.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplds.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataconversion.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineentry.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineentry.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/global_progress.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/iso8601.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/iso8601.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/localengineds.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/localengineds.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimediritemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimediritemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/multifielditem.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/multifielditem.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/multifielditemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/multifielditemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rawdataitemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rawdataitemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/remotedatastore.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/remotedatastore.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/simpleitem.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/simpleitem.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/smltk_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/smltk_precomp_xpt.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stdlogicagent.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stdlogicagent.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stdlogicds.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stdlogicds.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/superdatastore.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/superdatastore.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncagent.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncagent.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncclientbase.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncclientbase.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncdatastore.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncdatastore.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitem.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitem.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncml_globs.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncml_tk.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsessiondispatch.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsessiondispatch.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syserial.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync_crc16.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync_crc16.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync_debug.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync_globs.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync_precomp.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/sysync_precomp_xpt.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textitemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textitemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textprofile.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textprofile.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/tz_table.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/uiapi.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/uiapi.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vcalendaritemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vcalendaritemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vcarditemtype.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vcarditemtype.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/DLL/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/DLL/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/myadapter.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/oceanblue.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/oceanblue.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/snowwhite.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/snowwhite.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/text_db/DLL/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/text_db/sync_dbapi_text.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/UI_util.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/UI_util.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/admindata.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/admindata.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/blobs.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/blobs.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/cp936_tables_inc.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dataconversion.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/engine_defs.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/enginemodulebase.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/enginemodulebase.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/enginemodulebridge.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/enginemodulebridge.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/enginestubs.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/gb2312_tables_inc.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/generic_types.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/lineartime.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/lineartime.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/prefix_file.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/stringutil.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/stringutil.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/syerror.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sync_dbapi.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sync_dbapidef.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sync_declarations.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sync_include.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sync_uiapi.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/syncexception.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/syncexception.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_b64.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_b64.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_noncopyable.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/timeutil.cpp
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/timeutil.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/dbplugin_cocoa_sample/sample_dbplugin.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/dbplugin_cocoa_sample/sample_dbplugin1.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/dbplugin_cocoa_sample/sample_dbplugin2.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/dbplugin_cocoa_sample/sample_dbplugin3.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/dbplugin_cocoa_sample/sample_dbplugin4.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/dbplugin_cocoa_sample/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/ios_syncclient_app_sample/AppDelegate.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/ios_syncclient_app_sample/FlipsideViewController.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/ios_syncclient_app_sample/MainViewController.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/ios_syncclient_app_sample/SyncMLClient/SyncMLClient.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/ios_syncclient_app_sample/SyncMLClient/ZKeyChainWrapper.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/ios_syncclient_app_sample/SyncMLClient/ZWebRequest.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/sdk_sources_cocoa/SettingsKey.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/sdk_sources_cocoa/SyncEngine.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/sdk_sources_cocoa/dbplugin_cocoa.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/sdk_sources_cocoa/target_options.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/adler32.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/compress.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/crc32.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/crc32.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/deflate.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/deflate.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/infback.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inffast.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inffast.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inffixed.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inflate.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inflate.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inftrees.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inftrees.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/trees.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/trees.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/uncompr.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zconf.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zconf.in.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zlib.h
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.c
Examining data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h
FINAL RESULTS:
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/DLL_interface.cpp:88:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, maxmsglen, aText, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_internal.h:64:20: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DPRINTF(p) printf p
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_scanner_unittest.cc:48:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_scanner_unittest.cc:48:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:927:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), LLD, max_value);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:930:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), LLD, min_value);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:933:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), LLD, max_value);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:938:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), LLD, min_value);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:954:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), LLU, max_value);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:881:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(endptr, jfriedl_prefix); endptr += strlen(jfriedl_prefix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:886:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(endptr, jfriedl_postfix); endptr += strlen(jfriedl_postfix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1486:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s%.*s%s", prefix[process_options], MBUFTHIRD, pattern,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1671:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s%.*s", buff1,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.c:178:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s%s%-6d", message, addmessage, (int)preg->re_erroffset);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1136:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)pbuffer, (char *)p);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c:37:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd,aCommandName);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c:40:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd,aCommandParams);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c:43:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status=system(cmd);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c:36:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd,aCommandName);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c:39:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd,aCommandParams);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c:42:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status=system(cmd);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libstr.c:97:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy((char *)pTarget, (char *)pSource);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libstr.c:103:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
return strcat((char *)pTarget, (char *)pSource);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c:124:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(pBuffer, text, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c:132:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(pBuffer, text, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c:157:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(pBuffer, format, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c:165:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(pBuffer, format, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/libstr.h:77:52: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
#define smlLibStrcat(pTarget,pSource) (char*)StrCat((char*)pTarget,(char*)pSource)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/libstr.h:103:59: [4] (buffer) StrNCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
#define smlLibStrncat(pTarget,pSource,count) (char*)StrNCat((char*)pTarget,(char*)pSource,count)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:276:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(p, maxmsglen-n, aMessage, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:296:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, maxmsglen, aMessage, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:582:72: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int (*SySync_ConsolePrintf)(FILE *stream, const char *format, ...) = fprintf;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:595:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, maxmsglen, aFormat, aArgs);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.h:271:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, TDBG_LOCATION_ARG_NUM + 3, TDBG_LOCATION_ARG_NUM + 4)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.h:281:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, TDBG_LOCATION_ARG_NUM + 2, TDBG_LOCATION_ARG_NUM + 3)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.h:296:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, TDBG_LOCATION_ARG_NUM + 5, TDBG_LOCATION_ARG_NUM + 6)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.h:301:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, TDBG_LOCATION_ARG_NUM + 4, TDBG_LOCATION_ARG_NUM + 5)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.h:306:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, TDBG_LOCATION_ARG_NUM + 4, TDBG_LOCATION_ARG_NUM + 5)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:104:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(argv[2],
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:1094:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,str.c_str());
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:36:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *s, int sz, const char *formatStr, va_list arg)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:38:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
return vsprintf(s,formatStr,arg);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:44:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char *s, int sz, const char *formatStr, ...)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:50:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int n=vsnprintf(s,sz,formatStr,args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:811:16: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
actualsize = vsnprintf(buf, bufsiz, aFormat, aArgs);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:816:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
actualsize = vsnprintf(bufP, actualsize+1, aFormat, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h:40:11: [4] (buffer) vsprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define vsprintf StrVPrintF
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h:41:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define sprintf StrPrintF
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h:56:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *s, int sz, const char *formatStr, va_list arg);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h:59:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char *s, int sz, const char *formatStr, ...);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h:153:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 2, 3)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.h:158:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 2, 3)))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1095:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, maxmsglen, text, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1483:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, maxmsglen, text, args);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:604:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( s, form, bias / MinsPerHour,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:133:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p+= sprintf( p, "%s\n", MyPlatform() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:134:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p+= sprintf( p, "%s\n", DLL_Info );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:135:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p+= sprintf( p, "%s:%s\n", CA_MinVersion, "V1.0.6.0" ); /* must not be changed */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:136:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p+= sprintf( p, "%s:%s\n", CA_Manufacturer, "Synthesis AG" ); /**** SHOULD BE ADAPTED BY USER ****/
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:137:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p+= sprintf( p, "%s:%s", CA_Description, "Demo Example Module" ); /**** SHOULD BE ADAPTED BY USER ****/
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:444:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ( f, format, h );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:928:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( g->refName, dbName.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:480:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf ( msg, maxmsglen,format,args ); /* assemble the message string */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:580:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf( message, maxmsglen, format,args ); /* assemble the message string */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:664:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( s, "%s%s%s%s%s%s", dbIntro,id,isX,routine,p,text );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/stringutil.cpp:155:16: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
actualsize = vsnprintf(buf, bufsiz, aFormat, aArgs);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/stringutil.cpp:161:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
actualsize = vsnprintf(bufP, actualsize+1, aFormat, aArgs);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:358:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (s,"MD5 (\"%s\") = ", aString); s+=strlen(s);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2440:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:131:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->path, path); /* do this early for debugging */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:609:11: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void)vsprintf(buf, format, va);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:614:11: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
len = vsprintf(buf, format, va);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:619:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(buf, sizeof(buf), format, va);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:623:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, sizeof(buf), format, va);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:646:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:651:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len = sprintf(buf, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:656:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), format, a1, a2, a3, a4, a5, a6, a7, a8,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:660:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = snprintf(buf, sizeof(buf), format, a1, a2, a3, a4, a5, a6, a7, a8,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:987:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->msg, s->path);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:989:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s->msg, m);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:203:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outfile, file);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:204:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outfile, GZ_SUFFIX);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:234:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, file);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:243:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(infile, GZ_SUFFIX);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:184:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:185:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define vsnprintf _vsnprintf
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:235:39: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:236:39: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:237:40: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:238:48: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:239:49: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.cpp:135:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((uInt32)time(NULL));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:1229:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("VERBOSE_TEST") != NULL)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1836:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv("LC_ALL");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1842:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv("LC_CTYPE");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1874:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *cs = getenv("PCREGREP_COLOUR");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1875:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = getenv("PCREGREP_COLOR");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/liblock.c:25:3: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&gSmlLock);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/liblock.h:49:35: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
#define TOOLKITLOCK_INIT(m) InitializeCriticalSection(&gSmlLock);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/inc/liblock.h:51:30: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
#define LOCKTOOLKIT(m) EnterCriticalSection(&gSmlLock);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:1480:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *value = getenv(envName.c_str());
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp:1156:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)aFuncContextP->getLocalVar(1)->getAsInteger());
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncagent.cpp:1011:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("LIBSYNTHESIS_NO_RESTART")) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/UI_util.cpp:61:11: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
aDLL= LoadLibrary( aDLLname );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/DLL_interface.cpp:82:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[maxmsglen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/dbapi.cpp:939:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ 15 ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/dbapi.cpp:940:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( f, "err=%d", err );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.cpp:2272:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( dp, b.fPtr, rema ); dp+= rema;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.cpp:2596:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufP,fBlobBuffer,fFetchedSize); // copy fetched portion from old buffer
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.cpp:2604:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufP,blobData.fPtr,blobData.fSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.cpp:2654:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufP,strUtf8.c_str(),strUtf8.size());
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/pluginapids.cpp:2687:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,(char *)fBlobBuffer+aPos,aMaxBytes);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp:143:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)colname,"<error getting name>");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp:159:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)databuf,"<NULL>");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp:194:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *TxnIsolModeNames[numTxnIsolModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp:2842:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bP,pos->ParameterValuePtr,pos->StrLen_or_Ind+1);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.cpp:34:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SpecialIDModeNames[numSpecialIDModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.cpp:4451:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,fValue.c_str()+aPos,aMaxBytes);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:116:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
char open;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:924:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, end, nLeftOver);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:931:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(XML_GetBuffer(parser, len), s, len);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:981:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBuf, bufferPtr, bufferEnd - bufferPtr);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:1267:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:1356:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tag->buf, tag->rawName, tag->rawNameLength);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:1818:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uri, binding->uri, binding->uriLen * sizeof(XML_Char));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:1825:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(binding->uri + binding->uriLen, localPart, i * sizeof(XML_Char));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:1861:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b->uri, uri, len * sizeof(XML_Char));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:2072:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encodingBuf[128];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:2658:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:2924:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (entity->open) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:2987:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:3338:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!e->open)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:3454:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tem, p1, sizeof(DTD));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:3455:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sizeof(DTD));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:3456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p2, &tem, sizeof(DTD));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:3890:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pool->blocks->s, pool->start, (pool->end - pool->start) * sizeof(XML_Char));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmlparse/xmlparse.c:3921:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tem->s, pool->start, (pool->ptr - pool->start) * sizeof(XML_Char));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:123:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char type[256];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:883:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:917:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
char open;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:976:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (c == open)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:1176:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8[256][4];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:1217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XML_UTF8_ENCODE_MAX];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok.c:1275:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)mem)[i] = ((char *)&latin1_encoding)[i];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c:572:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c:584:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
switch (open) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c:601:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (t == open)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c:936:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int PREFIX(scanLit)(int open, const ENCODING *enc,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c:947:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (t != open)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_impl.c:1489:53: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
|| BYTE_TYPE(enc, ptr + MINBPC(enc)) == open))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/expat/xmltok/xmltok_ns.c:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ENCODING_MAX];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/dftables.c:87:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[i], "wb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:732:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:1739:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:2691:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbits, cbits + posix_class_maps[posix_class],
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3289:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3315:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3408:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(utf8_char, lastchar, c); /* Save the char */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3557:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3582:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3612:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3799:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, len);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:3865:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, len);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:4025:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strncmp((char *)name, verbs[i].name, namelen) == 0)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:4432:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(slot + 2, name, namelen);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_dfa_exec.c:424:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_states, active_states, new_count * sizeof(stateblock));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_exec.c:1025:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_recursive.offset_save, md->offset_vector,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_exec.c:1054:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md->offset_vector, new_recursive.offset_save,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_exec.c:1240:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md->offset_vector, rec->offset_save,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_exec.c:4829:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(offsets + 2, md->offset_vector + 2,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_get.c:242:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, subject + ovector[stringnumber], yield);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_get.c:331:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, subject + ovector[i], len);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_get.c:399:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(substring, subject + ovector[stringnumber], yield);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_internal.h:243:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d,s,n) _memcpy(d,s,n)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_internal.h:256:26: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove(a, b, c) bcopy(b, a, c)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_scanner_unittest.cc:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_study.c:571:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(study->start_bits, start_bits, sizeof(start_bits));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:653:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, str, n);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:667:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[kMaxNumberLength+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:683:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[kMaxNumberLength+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:747:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[kMaxNumberLength+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:773:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[kMaxNumberLength+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:795:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[kMaxLength];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp.cc:797:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, str, n);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:789:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( argc == 2 || atoi(argv[2]) == 0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:794:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Timing1(atoi(argv[2]));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:796:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Timing2(atoi(argv[2]));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:798:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Timing3(atoi(argv[2]));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:922:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:949:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:367:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pattern, filename, len);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:368:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(pattern[len]), "\\*", 3);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:825:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[3*MBUFTHIRD];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1259:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1274:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.512s%c%.128s", pathname, sep, nextfile);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1306:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(pathname, "r");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1366:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1367:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (op->one_char > 0) sprintf(s, "-%c,", op->one_char); else strcpy(s, " ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1367:64: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (op->one_char > 0) sprintf(s, "-%c,", op->one_char); else strcpy(s, " ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1438:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1440:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%d", n);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1444:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(p, "st"); break;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1445:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(p, "nd"); break;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1446:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(p, "rd"); break;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1447:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
default: strcpy(p, "th"); break;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1475:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MBUFTHIRD + 16];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1545:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MBUFTHIRD];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1552:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.*s", (int)(p - pattern - ellength), pattern);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1579:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *patterns[MAX_PATTERN_COUNT];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1667:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[24];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1668:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff2[24];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1670:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff1, "%.*s", baselen, op->long_name);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1990:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MBUFTHIRD];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1999:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(pattern_filename, "r");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:2030:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:2031:44: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (pattern_count == 1) s[0] = 0; else sprintf(s, " number %d", j);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:229:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buffer, buffer, buffer_size);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:230:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pbuffer, pbuffer, buffer_size);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:829:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((size_offsets = get_value((unsigned char *)argv[op+1], &endptr)),
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:839:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (argc > 2 && (temp = get_value((unsigned char *)argv[op+1], &endptr),
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:850:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((stack_size = get_value((unsigned char *)argv[op+1], &endptr)),
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:933:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(argv[op], INPUT_MODE);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:944:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile = fopen(argv[op+1], OUTPUT_MODE);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1016:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)p, "rb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1582:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen((char *)to_file, "wb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1717:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff8[8];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1739:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff8[8];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:2165:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copybuffer[256];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:2179:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copybuffer[256];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.cpp:71:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fCBinFile = fopen(aFilePath,"r+b");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.cpp:74:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fCBinFile = fopen(aFilePath,"w+b");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.cpp:115:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer, fContent.c_str() + fPos, aMaxRead);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.cpp:220:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR filename[MAX_PATH];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/configfiles.cpp:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[bufsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/configfiles.cpp:233:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szHostname[100];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_timezones.cpp:43:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *tzname[ 2 ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/profiling.h:41:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TP_TypeNames[numTPTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ 20 ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:66:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( f, "%04d%02d%02dT%02d%02d%02d", t->tm_year+1900, t->tm_mon+1, t->tm_mday,
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:90:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t->tm_year = atoi( tStr.substr( 0,4 ).c_str() )-1900;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:91:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t->tm_mon = atoi( tStr.substr( 4,2 ).c_str() )-1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:92:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t->tm_mday = atoi( tStr.substr( 6,2 ).c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:94:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t->tm_hour = atoi( tStr.substr( 9,2 ).c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:95:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t->tm_min = atoi( tStr.substr( 11,2 ).c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_file.cpp:96:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t->tm_sec = atoi( tStr.substr( 13,2 ).c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_pipe.c:44:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(aPipePathName, O_RDONLY);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_pipe.c:50:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(aPipePathName, O_WRONLY);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncapps/sysytool/sysytool.cpp:96:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *cmdargv[maxcmdargs];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libmem.c:64:79: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
void *(*smlLibMemcpy)(void *pTarget, const void *pSource, MemSize_t count) = memcpy;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libmem.c:176:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy(pTarget, pSource, count);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pBuffer[BUFFERSIZE];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libutil.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pBuffer[BUFFERSIZE];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/win/wsm_sm.c:113:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*newEle)->memName, name, strlen(name));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdec.c:88:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const smlErrTexts[numSmlErrTexts] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdec.c:236:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexshow[numBytesShow*3+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltdecxml.c:670:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (((char *)entity)[1] == 'x') {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltenc.c:123:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLFPI[SML_NUM_VERS] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xltenc.c:129:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLDevInfFPI[SML_NUM_VERS] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xlttags.c:61:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLNamespaces[SML_NUM_VERS] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/xlt/all/xlttags.h:194:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncMLNamespaces[SML_NUM_VERS];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfilebase.cpp:148:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bferr TBinFileBase::open(uInt32 aExtraHeadersize, void *aExtraHeaderP, TUpdateFunc aUpdateFunc)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfilebase.cpp:264:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
e=open(aExtraHeadersize,NULL); // do not pass our new header data in case there is an old file already
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfilebase.h:94:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bferr open(uInt32 aExtraHeadersize=0, void *aExtraHeaderP=NULL, TUpdateFunc aUpdateFunc=NULL);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1126:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fLogFile.open(0,NULL,NULL);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1341:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(profileP->serverPassword,oP->serverPassword,o_maxupwsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1343:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(profileP->transportPassword,oP->transportPassword,o_maxupwsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1381:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNewRecordData,aOldRecordData,PROFILE_DB_VERSION_7_SZ);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1384:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNewRecordData,aOldRecordData,PROFILE_DB_VERSION_8_SZ);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1406:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNewRecordData,aOldRecordData,aOldSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1482:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
err = fProfileBinFile.open(0,NULL,profileUpdateFunc);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1497:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
err = fTargetsBinFile.open(0,NULL,targetUpdateFunc);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:2706:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const Protocol_Names[num_transp_protos] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:535:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNewRecordData,aOldRecordData,o);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:544:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNewRecordData,aOldRecordData,aOldSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:586:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fChangeLog.open(sizeof(TChangeLogHeader),&fChgLogHeader,changelogUpdateFunc)!=BFE_OK) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:593:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fChangeLog.open(sizeof(TChangeLogHeader),&fChgLogHeader,changelogUpdateFunc)==BFE_OK) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:652:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fPendingMaps.open(sizeof(TPendingMapHeader),&fPendingMapHeader)!=BFE_OK) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:1317:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (pendingItemFile.open(sizeof(TPendingItemHeader),&pendingItemHeader)==BFE_OK) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:2188:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fakelocalid[STRING_LOCALID_MAXLEN];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:2190:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fakelocalid, "fake-%u-%d", ++fakeidcounter, rand());
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.cpp:2298:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (logFile.open(0,NULL,NULL)!=BFE_OK) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbrecordid[maxidlen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastChangeCheckIdentifier[changeIndentifierMaxLen]; // string field to save identifier for last changelog update
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:231:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbrecordid[maxidlen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remoteID[BINFILE_MAXGUIDSIZE+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:261:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastSourceURI[BINFILE_MAXGUIDSIZE+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastTargetURI[BINFILE_MAXGUIDSIZE+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:311:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbname[dbnamelen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:324:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localDBPath[localDBpathMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:327:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remoteDBpath[remoteDBpathMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:336:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remoteAnchor[remoteAnchorMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:349:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localContainerName[localDBpathMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummyIdentifier1[remoteAnchorMaxLen]; // (formerly lastSyncIdentifier) not used any more - single identifier in changelog is sufficient
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:360:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummyIdentifier2[remoteAnchorMaxLen]; // (formerly lastSuspendIdentifier) not used any more - single identifier in changelog is sufficient
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:362:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remoteDBdispName[dispNameMaxLen]; // display name of remote datastore
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:363:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filterCapDesc[filterCapDescMaxLen]; // description string of remote filter capabilities
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:365:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remoteFilters[filterExprMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:367:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localFilters[filterExprMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profileName[maxnamesiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:467:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverURI[maxurisiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:469:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverUser[maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:471:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverPassword[maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:473:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transportUser[maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:475:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transportPassword[maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:477:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char socksHost[maxurisiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:479:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proxyHost[maxurisiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:487:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastNonce[maxnoncesiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:494:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char URIpath[maxpathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:504:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localDBProfileName[localDBpathMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:520:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proxyUser[maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:522:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proxyPassword[maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:554:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srv[maxipppathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:557:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[maxipppathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:558:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[maxippidsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:566:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profileName[o_maxnamesiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:573:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverURI[o_maxurisiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:575:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverUser[o_maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:577:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverPassword[o_maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:579:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transportUser[o_maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:581:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transportPassword[o_maxupwsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:583:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char socksHost[o_maxurisiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:585:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proxyHost[o_maxurisiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:593:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastNonce[o_maxnoncesiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:599:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char URIpath[o_maxpathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplds.h:607:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localDBProfileName[localDBpathMaxLen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.cpp:20:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const IPPStateNames[num_ipp_states] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.cpp:28:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const AutoSyncModeNames[num_autosync_modes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.cpp:35:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const AutoSyncStateNames[num_autosync_states] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.cpp:781:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[bufsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:35:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[GAL_STRING_MAX];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:36:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[GAL_STRING_MAX];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srv[maxipppathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:108:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[maxipppathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:109:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[maxippidsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:112:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cred[maxipppathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.h:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timedds[maxipppathsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:35:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ParseModeNames[numParseModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[maxmsglen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:271:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p,"Fatal: ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:290:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[maxmsglen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplagent.cpp:29:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DBCharSetNames[numCharSets] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplagent.cpp:44:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DBFieldTypeNames[numDBfieldTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplagent.h:53:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DBCharSetNames[numCharSets];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplagent.h:81:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DBFieldTypeNames[numDBfieldTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/customimplds.cpp:32:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MapEntryTypeNames[numMapEntryTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:334:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(path, mode);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:592:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[maxmsglen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:1483:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
DltLogLevelType level = (DltLogLevelType)atoi(value);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:359:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,(appPointer)convStr.c_str(),convStr.size()+1>aBufSize ? aBufSize : convStr.size()+1);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:590:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,&valtype,aValSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:665:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,infoP->valPtr,siz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:869:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,valPtr,siz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:910:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valPtr,aBuffer,siz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:1422:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,bufP,msgsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:1454:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufP,aBuffer,aMsgSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:208:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,s.c_str()+fStreamPos,aMaxBytes);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:703:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,fString.c_str()+fStreamPos,aMaxBytes);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1516:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month[rfc822maxMonthLen+1];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:2001:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,sval.c_str(),sval.size()); // copy name data
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:2010:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,&valtype,aValSize); // copy valtype uInt16
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:2104:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer,valPtr,aValSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/localengineds.cpp:648:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const conflictStrategyNames[numConflictStrategies] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/localengineds.cpp:1883:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op[3];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:35:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const mimeModeNames[numMimeModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:42:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const VTimeZoneGenModes[numVTimeZoneGenModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:52:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const VTzIdGenModes[numTzIdGenModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:59:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const EnumModeNames[numEnumModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:69:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ProfileModeNames[numProfileModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:1920:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c,chrs[maxseqlen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:1939:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[2];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:3412:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cs[2];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:79:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char isodate[50];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:80:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rulebuf[200];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:1087:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:1685:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s [50];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:1954:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%hd", startday);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/rrules.cpp:1959:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%hd", startmonth);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp:886:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(file.c_str(), "rb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp:899:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp:2085:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freq[3] = {' ', ' ', 0};
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:800:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[bufsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncagent.cpp:197:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(rawfilename,"rb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncagent.cpp:2463:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fBufferedAnswer,aAnswer,aAnswerSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:60:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLEncodingNames[numSyncMLEncodings] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:69:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLEncodingMIMENames[numSyncMLEncodings] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:79:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PlatformStringNames[numPlatformStrings] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:788:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const debugOptionNames[numDebugOptions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1089:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[maxmsglen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1477:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[maxmsglen];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1527:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * logfile=fopen(filename.c_str(),"a");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1837:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* cfgfile=fopen(aFilePath,"r");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:3649:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *inFile = fopen(argv[0],"rb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:3719:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *outFile = fopen(outFileName.c_str(),"w");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.h:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const debugOptionNames[numDebugOptions];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:54:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncCommandNames[numSmlCommandTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitem.h:48:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const compareRelevanceNames[numEQmodes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitem.h:50:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const comparisonModeNames[numEQmodes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitemtype.cpp:697:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)aItemP->data->content,utf8Payload.c_str(),origSize+1); // include terminator byte in copy
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitemtype.cpp:760:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((appPointer)smlitemP->data->content,utf16bytestream.c_str(),utf16bytestream.size());
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:40:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLVerProtoNames[numSyncMLVersions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:52:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLVerDTDNames[numSyncMLVersions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:58:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLDevInfNames[numSyncMLVersions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:66:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncMLVersionNames[numSyncMLVersions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:76:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const authTypeNames[numAuthTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:84:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncModeNames[numSyncModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:94:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PackageStateNames[numPackageStates] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:104:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncOpNames[numSyncOperations] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:121:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SyncModeDescriptions[numSyncModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:1871:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * logfile=fopen(getSessionConfig()->fLogFileName.c_str(),"a");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:27:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncMLVerProtoNames[numSyncMLVersions];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:29:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncMLVerDTDNames[numSyncMLVersions];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:30:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncMLDevInfNames[numSyncMLVersions];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:32:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncMLVersionNames[numSyncMLVersions];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:35:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const authTypeNames[numAuthTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:37:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncModeNames[numSyncModes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:40:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PackageStateNames[numPackageStates];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:41:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncOpNames[numSyncOperations];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.h:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SyncModeDescriptions[numSyncModes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textprofile.cpp:68:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const RFC822ValueTypeNames[num822ValueTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:345:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hrs[ 80 ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:348:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (bias % MinsPerHour == 0) sprintf( hrs,"%3.0f ", f ); // not with .0
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:349:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else if (abs(bias % MinsPerHour)==30) sprintf( hrs,"%5.1f ", f );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:350:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf( hrs,"%6.2f ", f );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:385:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (year<=atoi( t.dynYear.c_str() )) break; // this is the year line we are looking for
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:417:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (year<=atoi( t.dynYear.c_str() )) break; // this is the year line we are looking for
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:501:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ FLen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:503:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( f, "%d", int(i) );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:640:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else yearS= atoi( t.dynYear.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:643:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int yearI= atoi( tzi.dynYear.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:862:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v= atoi( q );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vcalendaritemtype.cpp:42:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const vCalendarVersionNames[numVCalendarVersions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vcarditemtype.cpp:40:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const vCardVersionNames[numVCardVersions] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:301:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bias= atoi( h.c_str() )*MinsPerHour + atoi( m.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:301:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bias= atoi( h.c_str() )*MinsPerHour + atoi( m.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:603:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[ 10 ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:715:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
y_std= atoi( t.dynYear.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:918:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ FLen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/vtimezone.cpp:919:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( f, "%d", year );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:67:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fModuleName[ STRLEN ]; /* the module's name */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:72:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fModuleName[ STRLEN ]; /* the module's name */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[ 256 ]; /* copy it into a local string */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:439:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fDevKey[ STRLEN ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:440:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fUsrKey[ STRLEN ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:449:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fDevKey[ STRLEN ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:450:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fUsrKey[ STRLEN ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/oceanblue.cpp:334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[ txtFSz ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/snowwhite/oceanblue.cpp:365:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[ txtFSz ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/text_db/sync_dbapi_text.cpp:1165:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ac->fNewID = IntStr( atoi( newID->item )+1 );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:265:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value= atoi( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:273:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value= atoi( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:281:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value= atoi( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:289:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value= atoi( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:408:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( *newPtr, bPtr, bSize );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:417:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ FLen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:418:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( f, "%d", (int)i );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:426:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ FLen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:429:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (asHex) sprintf( f, "%016llX", (unsigned long long)a );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:430:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf( f, "%lld", (long long int )a );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:432:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (asHex) sprintf( f, "%08X", (unsigned int)a );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:433:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf( f, "%d", (int)a );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:443:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[ FLen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:563:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j= atoi( a.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:478:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ maxmsglen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:570:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[ maxmsglen ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/admindata.cpp:147:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mpL->Field( "1",act, s ); mID->flags = atoi ( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/admindata.cpp:148:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mpL->Field( "2",act, s ); mID->ident = atoi ( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/blobs.cpp:113:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fFile= fopen( fName.c_str(), mode );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:383:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int itemID= atoi( newID.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:384:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (itemID==0) itemID= atoi( F_First );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:400:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int itemNum= atoi( actL->itemID.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:455:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iKey= atoi( aKey );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:503:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!lastK->field.empty()) iLast= atoi( lastK->field.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:613:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
n= atoi ( s.c_str() );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:825:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f= fopen( fFileName.c_str(),"rb" );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:962:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f= fopen( fFileName.c_str(),"wb" );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/enginemodulebase.cpp:107:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtField[ txtFieldSize ];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:326:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fb, fBody,fBodySize ); // copy existing structure to beginning
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void*) pp, (void*)serverURI, len );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:502:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( wPos, san,sanSize ); // now we have a new internal copy
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:538:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fSan, san,sanSize ); // now we have a new internal copy
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:678:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void*) pp, (void*)fServerID.c_str(), len );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:679:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void*)(pp+len), fBody, fBodySize );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:683:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void*)(pp+len+fBodySize), vendorSpecific,vendorSpecificSize );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:797:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (san, buf, sanSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/stringutil.cpp:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[bufsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sync_dbapidef.h:359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char refName[ 80 ]; /* the reference's name, length restricted */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/syncexception.cpp:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[msgsiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_b64.cpp:13:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char table [64] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:339:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)output)[i] = (char)value;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:370:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (s,"%02hx", (uInt16)digest[i]);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:378:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:176:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const lineEndModeNames[numLineEndModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:188:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const quotingModeNames[numQuotingModes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:197:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const encodingFmtSyncMLNames[numFmtTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:203:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const encodingFmtNames[numFmtTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:211:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const propDataTypeNames[numPropDataTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:224:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const authTypeSyncMLNames[numAuthTypes] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:232:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MIMEEncodingNames[numMIMEencodings] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:243:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MIMECharSetNames[numCharSets] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:575:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[2];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2297:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2303:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%%%02X", c);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2429:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:3016:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[ssiz];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:97:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const lineEndModeNames[numLineEndModes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:109:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const quotingModeNames[numQuotingModes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:138:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const encodingFmtNames[numFmtTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:139:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const encodingFmtSyncMLNames[numFmtTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:141:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MIMEEncodingNames[numMIMEencodings];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:142:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MIMECharSetNames[numCharSets];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:158:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const propDataTypeNames[numPropDataTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.h:169:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const authTypeSyncMLNames[numAuthTypes];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/crc32.c:136:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("crc32.h", "w");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:71:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)uncompr, "garbage");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:122:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)uncompr, "garbage");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:216:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)uncompr, "garbage");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:312:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)uncompr, "garbage");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:391:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)uncompr, "garbage");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:472:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)uncompr, "garbage");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmode[80]; /* copy of mode, without the compression level */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:226:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "<fd:%d>", fd); /* for debugging */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:601:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[Z_PRINTF_BUFSIZE];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:640:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[Z_PRINTF_BUFSIZE];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:988:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s->msg, ": ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inflate.c:552:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hbuf[4]; /* buffer for gzip header crc calculation */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/inflate.c:1175:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4]; /* to restore bit buffer to byte string */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:104:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char buf[BUFLEN];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:172:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char buf[BUFLEN];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:199:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char outfile[MAX_NAME_LEN];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:206:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(file, "rb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:228:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char buf[MAX_NAME_LEN];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:250:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(outfile, "wb");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outmode[20];
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:279:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(outmode, "wb6 ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/trees.c:332:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header = fopen("trees.h", "w");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.c:18:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const z_errmsg[10] = {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:41:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:99:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:158:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define F_OPEN(name, mode) fopen((name), (mode))
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/zutil.h:219:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define zmemcpy memcpy
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/api_db/dbapi.cpp:754:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( gp->refName,"" );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp:1575:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sInt16 n=strlen(aIn);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapiagent.cpp:2714:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos->StrLen_or_Ind = strlen((const char *)pos->ParameterValuePtr); // actual length
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.cpp:1960:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(DataSubstHandlers[handlerid].substTag);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/DB_interfaces/odbc_db/odbcapids.cpp:2522:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aStop==NULL) aStop=aPos+strlen(aPos);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_compile.c:5834:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd->end_pattern = (const uschar *)(pattern + strlen(pattern));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_dfa_exec.c:470:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pchars((uschar *)ptr, strlen((char *)ptr), stdout);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcre_internal.h:240:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen(s) _strlen(s)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:934:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(buf[strlen(buf)-1] != '9');
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:935:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]++;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:939:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(buf[strlen(buf)-1] != '9');
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:940:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]++;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:957:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(buf[strlen(buf)-1] != '9');
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcrecpp_unittest.cc:958:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]++;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcredemo.c:69:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subject_length = (int)strlen(subject);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:359:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:873:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long newlen = length * jfriedl_XT + strlen(jfriedl_prefix) + strlen(jfriedl_postfix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:873:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long newlen = length * jfriedl_XT + strlen(jfriedl_prefix) + strlen(jfriedl_postfix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:881:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(endptr, jfriedl_prefix); endptr += strlen(jfriedl_prefix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:883:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(endptr, orig, length);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:886:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(endptr, jfriedl_postfix); endptr += strlen(jfriedl_postfix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1275:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen = strlen(buffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1498:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errptr -= (int)strlen(prefix[process_options]);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1499:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (errptr > (int)strlen(pattern)) errptr = (int)strlen(pattern);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1499:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (errptr > (int)strlen(pattern)) errptr = (int)strlen(pattern);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1544:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *eop = pattern + strlen(pattern);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1652:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int arglen = (argequals == NULL)? (int)strlen(arg) : argequals - arg;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1672:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(op->long_name) - baselen - 2, opbra + 1);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:1808:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = (equals == NULL)? (int)strlen(op->long_name) :
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcregrep.c:2011:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = buffer + (int)strlen(buffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.c:169:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(message) + 1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.c:173:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(addmessage) + 6 : 0;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.c:181:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errbuf, message, errbuf_size - 1);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcreposix.c:298:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = pcre_exec((const pcre *)preg->re_pcre, NULL, string, (int)strlen(string),
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:211:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlen = (int)strlen((char *)here);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1012:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pp = p + (int)strlen((char *)p);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1291:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen((char *)buffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1438:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nameentrysize - 3 - (int)strlen((char *)nametable + 2), "",
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:1680:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen((char *)buffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:2177:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
copynamesptr += (int)strlen((char*)copynamesptr) + 1)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/pcre/pcretest.c:2207:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
getnamesptr += (int)strlen((char*)getnamesptr) + 1)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/binfile.cpp:56:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return !strncmp(aFilePath, TBINFILE_MEM_FILE_PERFIX, strlen(TBINFILE_MEM_FILE_PERFIX));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/configfiles.h:19:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define FMT_LENGTH_LIMITED(n,p) ((string(p,strlen(p)>n ? n : strlen(p))).c_str())
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/configfiles.h:19:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define FMT_LENGTH_LIMITED(n,p) ((string(p,strlen(p)>n ? n : strlen(p))).c_str())
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c:33:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(aCommandName) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c:34:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(aCommandParams ? strlen(aCommandParams) : 0) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/linux/platform_exec.c:39:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd," ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c:32:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(aCommandName) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c:33:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(aCommandParams ? strlen(aCommandParams) : 0) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/macosx/platform_exec.c:38:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd," ");
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/platform_adapters/unix_common/platform_pipe.c:65:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes=read(aPipeDesc,aBuffer,aMaxBytes);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libstr.c:100:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
return strncpy((char *)pTarget, (char *)pSource, count);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libstr.c:118:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen((char *)pString);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/lib/all/libstr.c:133:10: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
return strncat((char *)pTarget, (char *)pSource, count);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/win/wsm_sm.c:109:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ((*newEle)->memName = smlLibMalloc(strlen(name)+1)) == 0 ){
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/win/wsm_sm.c:113:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy((*newEle)->memName, name, strlen(name));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/syncml_tk/src/sml/wsm/win/wsm_sm.c:114:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*newEle)->memName[strlen(name)] = '\0';
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1643:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.serverURI,templateprofile.serverURI,maxurisiz); // if hardcoded, don't copy from template
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1645:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.serverUser,templateprofile.serverUser,maxupwsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1646:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.transportUser,templateprofile.transportUser,maxupwsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1647:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.socksHost,templateprofile.socksHost,maxurisiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1648:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.proxyHost,templateprofile.proxyHost,maxurisiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1649:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.proxyUser,templateprofile.proxyUser,maxupwsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1654:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.URIpath,templateprofile.URIpath,maxpathsiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1665:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.localDBProfileName,templateprofile.localDBProfileName,localDBpathMaxLen);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1682:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(profile.serverURI,fServerURI.c_str(),maxurisiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1707:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(target.remoteDBpath,templatetarget.remoteDBpath,remoteDBpathMaxLen);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:1740:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(aProfile.profileName,aName,maxnamesiz);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/binfileimplclient.cpp:2800:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fNoCRCPrefixLen=strlen(Protocol_Names[fProfile.protocol]);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/clientautosync_inc.cpp:1856:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strucmp(target.remoteDBpath,aRemoteDBName,strlen(aRemoteDBName))==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:272:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(p);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/configelement.cpp:1007:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = aNumChars ? aNumChars : strlen(aCharData);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.cpp:666:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p= q + strlen ( EndCom ); continue; // comment is skipped
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.cpp:675:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p+= strlen( BeginCDATA );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.cpp:681:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p= q + strlen( DoubleCEnd );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.cpp:684:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p= q + strlen( BeginCDATA );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/dataobjtype.cpp:760:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strstr( p, BeginCDATA )==p) p+= strlen( BeginCDATA );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:893:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((aTextSize > 0 && strlen(aText) > aTextSize) ||
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:899:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DbgText2PlainText(aText, aTextSize ? aTextSize : strlen(aText), buffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/debuglogger.cpp:1588:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aTextSize > 0 && aTextSize < strlen(aText)) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:400:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aValSize = strlen((char *)aBuffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:552:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aBaseNameSize = strlen(aName);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:554:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aBaseNameSize >= strlen(VALSUFF_TYPE) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:555:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+aBaseNameSize-strlen(VALSUFF_TYPE),VALSUFF_TYPE)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:557:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aBaseNameSize-=strlen(VALSUFF_TYPE);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:659:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
siz = strlen((cAppCharP)(infoP->valPtr));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:712:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((appCharP)aBuffer,s.c_str(),aBufSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:743:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aValSize=strlen(aReturnString);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:746:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((appCharP)aBuffer,aReturnString,aValSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:856:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
siz = strlen((cAppCharP)valPtr);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:866:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aValSize = strlen((cAppCharP)aBuffer);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/engineinterface.cpp:938:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)aBuffer,aStructFieldsKeyP->getEngineInterface()->getSyncAppBase()->getRootConfig()->fLicenseName.c_str(),aBufSize);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1506:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t inpSiz = strlen(aRFC822String);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1840:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namsz = strlen(aName);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1842:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (namsz >= strlen(VALSUFF_TZNAME) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1843:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+namsz-strlen(VALSUFF_TZNAME),VALSUFF_TZNAME)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1848:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (namsz >= strlen(VALSUFF_TZOFFS) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1849:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+namsz-strlen(VALSUFF_TZOFFS),VALSUFF_TZOFFS)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1854:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (namsz >= strlen(VALSUFF_NORM) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1855:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+namsz-strlen(VALSUFF_NORM),VALSUFF_NORM)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1860:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (namsz >= strlen(VALSUFF_ARRSZ) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1861:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+namsz-strlen(VALSUFF_ARRSZ),VALSUFF_ARRSZ)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1866:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (namsz >= strlen(VALSUFF_NAME) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1867:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+namsz-strlen(VALSUFF_NAME),VALSUFF_NAME)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1872:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (namsz >= strlen(VALSUFF_TYPE) &&
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.cpp:1873:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strucmp(aName+namsz-strlen(VALSUFF_TYPE),VALSUFF_TYPE)==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/itemfield.h:110:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
void appendString(cAppCharP aString) { appendString(aString,strlen(aString)); };
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/localengineds.cpp:3006:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(p);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/localengineds.cpp:4778:105: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
adjustLocalIDforSize(aSyncItemP->fLocalID,getRemoteDatastore()->getMaxGUIDSize(),aLocalIDPrefix ? strlen(aLocalIDPrefix) : 0);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:240:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(comb)==1)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:1955:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen("==0A=0D=") - 1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:2129:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aString.reserve(aString.size()+strlen(proptext)+100);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:4750:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strucmp(p+1, QP_ENCODING_PARAM, strlen(QP_ENCODING_PARAM))==0) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:4751:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = *(p+1+strlen(QP_ENCODING_PARAM));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/mimedirprofile.cpp:4908:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uInt16 n=strlen(aPropName);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/multifielditem.cpp:104:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(p)==1)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/multifielditem.cpp:839:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aStop==NULL) aStop=aPos+strlen(aPos);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/remotedatastore.cpp:91:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n=strlen(nam);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp:900:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/scriptcontext.cpp:902:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
content.append(buf, read);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:82:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(aCStr,aCharP,aLen-1);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/stringutils.cpp:102:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(aCStr,aCharP,n);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1777:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(readptr);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:1780:14: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (len>0) strncpy(aBuffer,readptr,len);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:2595:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringSize l=strlen(SYNCML_MIME_TYPE SYNCML_ENCODING_SEPARATOR);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncappbase.cpp:3061:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(aRegKey)<12)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:1804:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(smlSrcTargLocURIToCharP(aItemP->target)) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:1805:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(smlSrcTargLocNameToCharP(aItemP->target)) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:1806:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(smlSrcTargLocURIToCharP(aItemP->source)) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:1807:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(smlSrcTargLocNameToCharP(aItemP->source));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:1809:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (metaP) fItemSizes+=strlen(smlPCDataToCharP(metaP->type));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:3132:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(aLocalID) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/synccommand.cpp:3133:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(aRemoteID);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncitemtype.h:31:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define TCFG_SIZE(s) (s ? strlen(s) : 0)
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/syncsession.cpp:4520:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (userpw[userpwlen-1]==0) userpwlen=strlen((char *)userpw);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textprofile.cpp:377:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e=aText+strlen(aText);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/textprofile.cpp:539:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bl=strlen(aBoundary);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:854:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q!=NULL && strlen( q )>strlen( UTC )) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:854:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q!=NULL && strlen( q )>strlen( UTC )) {
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync/timezones.cpp:855:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q+= strlen( UTC );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:102:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( mc->fModuleName, moduleName, STRLEN );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:481:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( ac->fDevKey, sDevKey, STRLEN ); /* local copies */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/demo/sync_dbapi_demo.c:482:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( ac->fUsrKey, sUsrKey, STRLEN );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/DB_Interfaces/text_db/sync_dbapi_text.cpp:1102:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!err) a= strlen( *aItemData );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:181:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uInt32 fPos= fLen - strlen( ADMIN_Ident );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:831:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (last) qN= (cAppCharP)q + strlen( q ); // it's the last field ?
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_support.cpp:908:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!qN) qN= (cAppCharP)q + strlen( q );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:149:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len= strlen( s );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:155:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( cp, s, n ); /* not yet NUL terminated !! */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:164:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return StrAllocN( s, strlen( s ), true );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:190:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b+= strlen( key )+1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:583:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isMax= strlen(message)==maxmsglen-1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:658:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size= strlen(dbIntro) + strlen(id) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:658:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size= strlen(dbIntro) + strlen(id) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:659:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(isX) + strlen(routine) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:659:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(isX) + strlen(routine) +
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:660:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p) + strlen(text) + 1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/SDK_util.c:660:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p) + strlen(text) + 1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/UI_util.cpp:92:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len= strlen(name);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/UI_util.cpp:146:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prefixlen = strlen(prefix);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:44:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len= strlen( fVal );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:56:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (j>0) { len+= strlen( z ) + j*(strlen( fKey )+strlen( x )); // "yy[x]:"
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:56:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (j>0) { len+= strlen( z ) + j*(strlen( fKey )+strlen( x )); // "yy[x]:"
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:56:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (j>0) { len+= strlen( z ) + j*(strlen( fKey )+strlen( x )); // "yy[x]:"
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:491:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen= strlen( fVal ) + ArrLen( fKey,fVal );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:652:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!qN) qN= (cAppCharP)q + strlen( q );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:711:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!qN) qN= (cAppCharP)q + strlen( q );
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:879:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!qR) qR= qA + strlen( qA ); // no tab to skip
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/dbitem.cpp:898:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!qR) qR= qA + strlen( qA ); // no tab to skip
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:117:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aLen<=0) aLen=strlen(aString);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:321:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len= strlen(serverURI);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/san.cpp:373:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(Sy);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_b64.cpp:154:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len==0) len=strlen(instr);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:352:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uInt32 len = strlen (aString);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:358:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf (s,"MD5 (\"%s\") = ", aString); s+=strlen(s);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_md5.cpp:371:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s+=strlen(s);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:1885:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aLen<=0) aLen=strlen(aString);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2024:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aPatternLen<0) aPatternLen=strlen(aPattern);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2036:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aReplacementLen<0) aReplacementLen=strlen(aReplacement);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2209:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uInt32 n=strlen(aServerURI);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2341:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = p + strlen(p);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2893:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (aLength==0) aLength=strlen((const char *)aData);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:2971:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pcdataP->length = aString ? strlen((const char *)aString) : 0; // from argument, if NULL -> length=0
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/sysync_SDK/Sources/sysync_utils.cpp:3030:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
md5::Update (&context, (const uInt8 *)aDevStaticString, strlen(aDevStaticString));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:66:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uLong len = (uLong)strlen(hello)+1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:96:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(hello)+1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:153:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((char*)uncompr) != 7) { /* " hello!" */
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:177:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uLong len = (uLong)strlen(hello)+1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:352:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uInt len = (uInt)strlen(hello)+1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/example.c:451:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_stream.avail_in = (uInt)strlen(hello)+1;
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:127:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s->path = (char*)ALLOC(strlen(path)+1);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:621:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:658:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:693:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return gzwrite(file, (char*)s, (unsigned)strlen(s));
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:985:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s->msg = (char*)ALLOC(strlen(s->path) + strlen(m) + 3);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/gzio.c:985:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s->msg = (char*)ALLOC(strlen(s->path) + strlen(m) + 3);
data/libsynthesis-3.4.0.47.5+syncevolution-1.5.3/src/zlib/minigzip.c:232:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uInt len = (uInt)strlen(file);
ANALYSIS SUMMARY:
Hits = 739
Lines analyzed = 225367 in approximately 5.99 seconds (37642 lines/second)
Physical Source Lines of Code (SLOC) = 148853
Hits@level = [0] 500 [1] 197 [2] 438 [3] 13 [4] 91 [5] 0
Hits@level+ = [0+] 1239 [1+] 739 [2+] 542 [3+] 104 [4+] 91 [5+] 0
Hits/KSLOC@level+ = [0+] 8.32365 [1+] 4.96463 [2+] 3.64118 [3+] 0.698676 [4+] 0.611341 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.